[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: logcheck: Dangerous usage of /var/tmp ?

On Sat, Aug 16, 2003 at 10:20:11PM -0400, Matt Zimmerman wrote:
> mizar:[/usr/share/doc] sudo mkdir hello
> Even though the directory was created outside the packaging system, its
> existing permissions and ownership are preserved.  I don't think this
> should happen.

It's a perfectly normal thing -- sysadmins need to be able to change
directories' permissions according to their local policy. It's reasonably
safe for packages to assume that random users won't be able to write to
/usr/share/doc. /var/tmp, OTOH, is not such a safe directory. Since the
package installation process runs as root, the temporary directory should
be created elsewhere.

     2. That which causes joy or happiness.

Reply to: