enhance security via private TMP/TMPDIR by default
Matthew Miller
mattdm at mattdm.org
Wed Jun 1 19:16:11 UTC 2005
On Fri, May 27, 2005 at 04:15:45PM -0400, Peter Jones wrote:
> Yeah, that's better than just blindly using ~/tmp/. But why have the
> extra complexity? Why not always do mktemp and the bind+namespace
> magic? This does have some advantage -- all users' tmp dirs are created
> the way the admin intended when he set the system up, and they're easy
> to find if he needs to look for them, for whatever reason.
Well, at this point, the bind+namespace magic is more complex. But it seems
sufficiently promising that it's probably worth waiting until it's solid
before implementing anything.
--
Matthew Miller mattdm at mattdm.org <http://www.mattdm.org/>
Boston University Linux ------> <http://linux.bu.edu/>
Current office temperature: 78 degrees Fahrenheit.
More information about the devel
mailing list