Re: logcheck: Dangerous usage of /var/tmp ?

To: 193161@bugs.debian.org, debian-dpkg@lists.debian.org
Subject: Re: logcheck: Dangerous usage of /var/tmp ?
From: Josip Rodin <joy@srce.hr>
Date: Sun, 17 Aug 2003 15:51:07 +0200
Message-id: <[🔎] 20030817135107.GC10155@prvidomaci.srce.hr>
In-reply-to: <[🔎] 20030817022011.GY24636@alcor.net>
References: <E19o6qf-0007Qt-00@toncho.dhh.gt.org> <20030816195612.GT24636@alcor.net> <87ekzl9igi.fsf@toncho.dhh.gt.org> <[🔎] 20030817022011.GY24636@alcor.net>

On Sat, Aug 16, 2003 at 10:20:11PM -0400, Matt Zimmerman wrote:
> mizar:[/usr/share/doc] sudo mkdir hello
> 
> Even though the directory was created outside the packaging system, its
> existing permissions and ownership are preserved.  I don't think this
> should happen.

It's a perfectly normal thing -- sysadmins need to be able to change
directories' permissions according to their local policy. It's reasonably
safe for packages to assume that random users won't be able to write to
/usr/share/doc. /var/tmp, OTOH, is not such a safe directory. Since the
package installation process runs as root, the temporary directory should
be created elsewhere.

-- 
     2. That which causes joy or happiness.

Reply to:

Follow-Ups:
- Re: Bug#193161: logcheck: Dangerous usage of /var/tmp ?
  - From: Matt Zimmerman <mdz@debian.org>

References:
- Re: logcheck: Dangerous usage of /var/tmp ?
  - From: Matt Zimmerman <mdz@debian.org>

Prev by Date: Re: logcheck: Dangerous usage of /var/tmp ?
Next by Date: Re: logcheck: Dangerous usage of /var/tmp ?
Previous by thread: Re: logcheck: Dangerous usage of /var/tmp ?
Next by thread: Re: Bug#193161: logcheck: Dangerous usage of /var/tmp ?
Index(es):
- Date
- Thread