Re: logcheck: Dangerous usage of /var/tmp ?
On Sat, Aug 16, 2003 at 10:20:11PM -0400, Matt Zimmerman wrote:
> mizar:[/usr/share/doc] sudo mkdir hello
>
> Even though the directory was created outside the packaging system, its
> existing permissions and ownership are preserved. I don't think this
> should happen.
It's a perfectly normal thing -- sysadmins need to be able to change
directories' permissions according to their local policy. It's reasonably
safe for packages to assume that random users won't be able to write to
/usr/share/doc. /var/tmp, OTOH, is not such a safe directory. Since the
package installation process runs as root, the temporary directory should
be created elsewhere.
--
2. That which causes joy or happiness.
Reply to: