
Re: deleting content of /tmp



On Sat, Mar 24, 2007 at 06:40:01PM +0000, andy wrote:
> 
> Can someone advise me on the pros and cons of deleting the contents of 
> /tmp/ as part of general security conscious non-paranoia. I was thinking 
> that it would be an okay thing to do periodically (or at logout, etc.) 
> using an overwriting/shredding program. But, before I committed myself, 
> decided it was prudent to ask.
> 

Here's how I do it:

1.	/tmp is on tmpfs so it automatically is gone on reboot.  Yes,
	the boot-up init-script also cleans out /tmp.

2.	swap (which then contains /tmp) is encrypted, on LVM, on RAID1,
	and is large (twice my 1 GB RAM) since disk space is cheap.

3.	I use the libpam-tmpdir so that each user has their own
	tmp directory under /tmp/user

4.	Each user has a symlink from /home/$USER/tmp to their actual
	temp dir, so that they can easily browse to their tmpdir.  Also
	helpful for some apps where you get a dialog to choose a cache
	directory and you can't directly enter a path but must browse to
	it.

5.	TMP and TMPDIR are both set.


I think this takes care of the users' tmp files.  If they want to
garbage-collect from their own $TMPDIR, let them.  For non-user stuff, I
just trust the Debian team to make apps/packages that take care of this
on their own.

Do you find any specific files or file types in /tmp that worry you?

YMMV.

Doug.
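
An audit of points 1, 3 and 5 of the setup above, as an added example that is not part of the original post: it checks that /tmp is on tmpfs and that TMP and TMPDIR both point at a private directory under /tmp/user. The function names, the owner-only mode 700 expectation and the use of GNU stat are assumptions of this example; swap encryption (point 2) is not checked.

```sh
#!/bin/sh
# Added example: audit points 1, 3 and 5 of the /tmp layout from the post.

# Print the filesystem type mounted on $1 according to mount table $2.
# The last matching line wins because later mounts shadow earlier ones.
mount_fstype() {
    awk -v mp="$1" '$2 == mp { t = $3 } END { if (t) print t; else exit 1 }' \
        "${2:-/proc/mounts}"
}

# Succeed if $1 is a path below base directory $2 and contains no "..".
under_base() {
    case "$1" in
        *..*)    return 1 ;;
        "$2"/?*) return 0 ;;
        *)       return 1 ;;
    esac
}

# Succeed if $1 is a real directory (not a symlink) owned by uid $2, mode 700.
# Uses GNU stat; mode 700 is this example's reading of "their own tmp directory".
private_dir() {
    [ -d "$1" ] && [ ! -L "$1" ] || return 1
    [ "$(stat -c '%u %a' "$1")" = "$2 700" ]
}

# Run all checks; the return status is the number of failed checks.
# $1 = mount table (default /proc/mounts), $2 = per-user base (default /tmp/user).
audit_tmp() {
    mounts=${1:-/proc/mounts}; base=${2:-/tmp/user}; fails=0
    [ "$(mount_fstype /tmp "$mounts")" = tmpfs ] ||
        { echo "FAIL: /tmp is not on tmpfs"; fails=$((fails + 1)); }
    for var in TMP TMPDIR; do
        eval "val=\${$var:-}"
        if ! under_base "$val" "$base"; then
            echo "FAIL: $var is unset or not under $base"; fails=$((fails + 1))
        elif ! private_dir "$val" "$(id -u)"; then
            echo "FAIL: $var=$val is not a private directory"; fails=$((fails + 1))
        fi
    done
    [ "$fails" -eq 0 ] && echo "ok: /tmp is tmpfs, TMP and TMPDIR are private"
    return "$fails"
}

# Audit the live system; the || keeps a failed audit from aborting a caller.
audit_tmp || echo "$? check(s) failed"
```

Run it from a login session so that the TMP and TMPDIR set at login are the ones inspected.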


