
Re: secure temporary directory



> hi,
> 
> I would like to package an app, that needs a 700 tmp directory.
> Where should I put it ? 
> /var/myapp/tmp looks good, but I'm not sure.

In /var/run/myapp would be sensible *if* it is root creating the
directory.  (Note that /var/spool differs from /var/run in that the
former will be preserved across system reboots whereas the latter
won't, and is intended for spooled data to be processed later.)

Alternatively, use one of the secure methods for creating a directory
in /tmp, depending upon the language in which you are writing the
code.  As far as I know, once a directory is created mode 700 in /tmp
(*not* in a non-trusted subdirectory thereof, however), its contents
are secure and readable only by the owner.  There have been
discussions about this before -- you might want to check the mailing
list archives from the last couple of months, perhaps in -mentors,
perhaps in -devel.

   Julian

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

  Julian Gilbey, Dept of Maths, QMW, Univ. of London. J.D.Gilbey@qmw.ac.uk
             Debian GNU/Linux Developer.  jdg@debian.org
       -*- Finger jdg@master.debian.org for my PGP public key. -*-
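
The /tmp approach described in the message above, sketched in shell as an added example (it is not part of the original message or of any Debian package). The function names and the `myapp` prefix are hypothetical, and `stat -c` assumes GNU coreutils.

```shell
#!/bin/sh
# Added example: function names and the "myapp" prefix are illustrative.

# Create a fresh mode-700 directory directly under a base directory
# (default /tmp). mktemp -d picks an unpredictable name and uses mkdir(2),
# which fails if the name exists, so a pre-planted directory or symlink
# is never reused.
make_private_tmpdir() {
    base=${1:-/tmp}
    ( umask 077 && mktemp -d "$base/myapp.XXXXXXXXXX" )
}

# Return 0 only if $1 is a real directory (not a symlink), owned by the
# current user, with mode exactly 700.
is_private_dir() {
    dir=$1
    [ -L "$dir" ] && return 1
    [ -d "$dir" ] || return 1
    info=$(stat -c '%u %a' -- "$dir") || return 1
    [ "$info" = "$(id -u) 700" ]
}

# Return 0 if the directory containing $1 is trusted: owned by root or by
# us, and either not writable by group/others or protected by the sticky
# bit (as /tmp itself is, mode 1777). A symlinked parent reports mode 777
# without the sticky bit and is therefore rejected.
parent_is_trusted() {
    parent=$(dirname -- "$1")
    info=$(stat -c '%u %a' -- "$parent") || return 1
    owner=${info% *}
    mode=${info#* }
    [ "$owner" = 0 ] || [ "$owner" = "$(id -u)" ] || return 1
    [ $(( 0$mode & 022 )) -eq 0 ] || [ $(( 0$mode & 01000 )) -ne 0 ]
}

# Typical use:
#   dir=$(make_private_tmpdir) || exit 1
#   trap 'rm -rf -- "$dir"' EXIT
#   is_private_dir "$dir" && parent_is_trusted "$dir" || exit 1
```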

