Re: Bug#725434: Problems with gbp when $TMP != /tmp

To: 725434@bugs.debian.org
Cc: debian-mentors@lists.debian.org
Subject: Re: Bug#725434: Problems with gbp when $TMP != /tmp
From: Jakub Wilk <jwilk@debian.org>
Date: Tue, 20 Oct 2015 19:49:02 +0200
Message-id: <[🔎] 20151020174902.GA4362@jwilk.net>
In-reply-to: <[🔎] 20151020161855.GB18497@chase.mapreri.org>
References: <[🔎] 20151020130755.GB2007@an3as.eu> <[🔎] 20151020161855.GB18497@chase.mapreri.org>

* Mattia Rizzolo <mattia@mapreri.org>, 2015-10-20, 16:18:

[ -n "$TMP" -a ! -d "$TMP" ] && mkdir -p "$TMP" || true
[ -n "$TMPDIR" -a ! -d "$TMPDIR" ] && mkdir -p "$TMPDIR" || true

POSIX says that one should use $TMPDIR as a directory for temporaryfiles. I you know software that uses $TMP, $TEMP, $TEMPDIR or somethingelse for this purpose, please file bugs. :)

umh, something tells me this is not enough: hooks are run as root,while the build is not, so the build user would not be able to writethere. Currently the build username or user ID is not exported to thehooks, so the better you can do is to chmod 777 TMPDIR and TMP(programs using /tmp should be able to use that securely anyway...)

ITYM 1777. Without sticky bit set, other users could remove yourtemporary files or directories and replace them with their own, whichwould not end well.


--
Jakub Wilk

Reply to:

References:
- Problems with gbp when $TMP != /tmp
  - From: Andreas Tille <andreas@an3as.eu>
- Re: Bug#725434: Problems with gbp when $TMP != /tmp
  - From: Mattia Rizzolo <mattia@mapreri.org>

Prev by Date: Re: Bug#725434: Problems with gbp when $TMP != /tmp
Next by Date: Bug#802516: RFS: node-util-deprecate/1.0.2-1
Previous by thread: Re: Bug#725434: Problems with gbp when $TMP != /tmp
Next by thread: Bug#802516: RFS: node-util-deprecate/1.0.2-1
Index(es):
- Date
- Thread