Re: deleting content of /tmp

To: Ron Johnson <ron.l.johnson@cox.net>
Cc: debian-user@lists.debian.org
Subject: Re: deleting content of /tmp
From: Henrique de Moraes Holschuh <hmh@debian.org>
Date: Mon, 26 Mar 2007 09:45:23 -0300
Message-id: <[🔎] 20070326124523.GA32751@khazad-dum.debian.net>
In-reply-to: <[🔎] 46077BC9.80803@cox.net>
References: <[🔎] 20070325000738.GA26003@santiago.connexer.com> <[🔎] 4605D2AE.8040308@cox.net> <[🔎] 20070325014519.GT27344@zip.com.au> <[🔎] 4605D647.1030302@cox.net> <[🔎] 20070325022219.GC26003@santiago.connexer.com> <[🔎] 4605DF1E.2040801@cox.net> <[🔎] 20070325024644.GE26003@santiago.connexer.com> <[🔎] 4605E9C8.8050001@cox.net> <[🔎] 20070326014831.GB6718@khazad-dum.debian.net> <[🔎] 46077BC9.80803@cox.net>

On Mon, 26 Mar 2007, Ron Johnson wrote:
> > And it is *excellent* design to unlink an open file depending on what you
> > want it for.  It is the only failure-proof way to make sure temporary files
> > cannot be attacked from outside, and also that they will disappear if the
> > program crashes, exits, or has other problems.  You can easily change that
> > to a "unlink on sucessfull exit" thing when running in debug mode, too.
> 
> It's excellent only if your filesystem does not have rich-enough
> semantics to protect your files from outside snoops.

Sorry, but no.  It is excellent because you never have to clean up after
screw ups (the file will be gone as soon as it is closed or the process is
terminated), and because it makes it impossible for incompetent programmers
to access a file by anything other than its fd after it was created +
unlinked.

-- 
  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh

Reply to:

References:
- Re: deleting content of /tmp
  - From: Roberto C. Sánchez <roberto@connexer.com>
- Re: deleting content of /tmp
  - From: Ron Johnson <ron.l.johnson@cox.net>
- Re: deleting content of /tmp
  - From: CaT <cat@zip.com.au>
- Re: deleting content of /tmp
  - From: Ron Johnson <ron.l.johnson@cox.net>
- Re: deleting content of /tmp
  - From: Roberto C. Sánchez <roberto@connexer.com>
- Re: deleting content of /tmp
  - From: Ron Johnson <ron.l.johnson@cox.net>
- Re: deleting content of /tmp
  - From: Roberto C. Sánchez <roberto@connexer.com>
- Re: deleting content of /tmp
  - From: Ron Johnson <ron.l.johnson@cox.net>
- Re: deleting content of /tmp
  - From: Henrique de Moraes Holschuh <hmh@debian.org>
- Re: deleting content of /tmp
  - From: Ron Johnson <ron.l.johnson@cox.net>

Prev by Date: fvwm vs. fvwm-crystal
Next by Date: Re: OT: sponge burning!
Previous by thread: Re: deleting content of /tmp
Next by thread: Re: deleting content of /tmp
Index(es):
- Date
- Thread