
Re: Moving /tmp to a separate partition. Advice?



On Mon, May 24, 2010 at 6:30 AM, Andrew Reid <reidac@bellatlantic.net> wrote:
> On Sunday 23 May 2010 18:46:29 Tom Furie wrote:
>> On Sun, May 23, 2010 at 10:38:48AM -0400, Andrew Reid wrote:
>> >   Setting the *directory* noexec seems very bad, since the exec bit
>> > on directories controls the ability to cd to it, and turning that
>> > off would make it largely useless.
>>
>> Just for the sake of argument *why* is setting /tmp rw- a bad thing?
>> Surely if you put a file there, you know the full pathname, why would
>> you need to list or search /tmp?
>
>  Well, I don't actually know for sure that it's bad, but it seems
> to invite broken-ness.
>
>  Recursive Makefiles are notorious for cd-ing all over the place,
> but then again, that's usually in the source tree, which may or
> may not be in /tmp, depending where you unpacked it.
>
>  As a theoretical example, I can easily imagine an installer that
> might unpack a set of example configurations into /tmp, and then do
> an "ls" to grep out the one that matches the local output of "uname -m"
> to select it for further architecture-specific processing.  I can easily
> imagine myself writing such a thing.
>
>  So, I confess "making it largely useless" was hyperbolic, but I still
> think it's a bad idea.

Hmm. You're talking about why setting -wx on /tmp is a bad thing: it
will work but it may break some software trying to do ls /tmp, that's
true.
But Tom was asking why it's bad to set rw-, which is much, much worse,
because you need the x bit on a dir not just to cd but to access its
contents in any way.

Example:
salmin@salmin:~$ mkdir dir
salmin@salmin:~$ ls -ld dir
drwxr-xr-x 2 salmin salmin 4096 May 24 11:01 dir
salmin@salmin:~$ echo 123 > dir/a
salmin@salmin:~$ cat dir/a
123

salmin@salmin:~$ chmod 111 dir
salmin@salmin:~$ ls -ld dir
d--x--x--x 2 salmin salmin 4096 May 24 11:01 dir
salmin@salmin:~$ ls -l dir
ls: cannot open directory dir: Permission denied
salmin@salmin:~$ cat dir/a
123

x is set, r is not: can access dir/a but can't read dir contents

salmin@salmin:~$ chmod 444 dir
salmin@salmin:~$ ls -ld dir
dr--r--r-- 2 salmin salmin 4096 May 24 11:01 dir
salmin@salmin:~$ ls -l dir
ls: cannot access dir/a: Permission denied
total 0
-????????? ? ? ? ?            ? a
salmin@salmin:~$ cat dir/a
cat: dir/a: Permission denied

r is set, x is not: can read dir contents but cannot access dir/a.

That's why we can possibly set -wx on /tmp but setting rw- on any dir
will make it completely unusable.

Alexey
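
The experiment above as a script, added here as an example and not part of the original message. It goes one step further by also testing file creation, which is what programs using /tmp depend on; the names probe, a and b are constructed for the illustration.

```shell
#!/bin/sh
# Added example: probe what each directory mode lets the owner do.
# Run as an unprivileged user; root bypasses these permission checks.
# The names probe, a and b are constructed for this illustration.

# probe MODE -> prints "list=... lookup=... create=..."
probe() {
    d=$(mktemp -d) || return 1
    echo 123 > "$d/a"
    chmod "$1" "$d"

    # r: read the directory's list of names (what ls does)
    ls "$d" 2>/dev/null | grep -qx a && list=yes || list=no
    # x: resolve a known name inside the directory
    cat "$d/a" >/dev/null 2>&1 && lookup=yes || lookup=no
    # w and x together: add a new entry, as programs using /tmp must
    ( : > "$d/b" ) 2>/dev/null && create=yes || create=no

    chmod 700 "$d" && rm -rf "$d"
    echo "list=$list lookup=$lookup create=$create"
}

for mode in 700 300 600 100 400; do
    printf '%s  %s\n' "$mode" "$(probe "$mode")"
done
```

Mode 300 (-wx) still allows lookup and creation and only loses listing, while mode 600 (rw-) can list names but neither opens nor creates anything.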

