Proposing Fedora Feature for private /tmp and /var/tmp for all systemd services in Fedora 17.

Chris Adams cmadams at hiwaay.net
Wed Nov 9 19:11:36 UTC 2011


Once upon a time, Miloslav Trmač <mitr at volny.cz> said:
> On Wed, Nov 9, 2011 at 10:10 AM, Benny Amorsen <benny+usenet at amorsen.dk> wrote:
> > How about making a non-world-writable directory somewhere for this
> > purpose, with service-named directories beneath it?
> >
> > That is yet another thing for sysadms to learn about of course, unless
> > it is placed in /tmp itself which creates some security problems
> > again...
> What security problems do you mean?

Users can create entries in /tmp, which can cause a number of race
conditions.

I like the idea of using /tmp/.systemd (or /tmp/systemd, /tmp/init,
etc.) to separate the systemd-created private tmps.

-- 
Chris Adams <cmadams at hiwaay.net>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
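
The race conditions mentioned above arise because any user can create a name in a world-writable directory before a service does. As an added example (not part of this thread and not systemd's code), this is one way a service can claim a directory beneath such a parent and refuse an entry someone else planted; `claim_private_dir` and `UnsafeEntry` are hypothetical names.

```python
import os
import stat


class UnsafeEntry(Exception):
    """The name already exists in the shared directory and cannot be trusted."""


def claim_private_dir(parent, name):
    """Create parent/name with mode 0700, or verify an existing entry.

    Returns a directory file descriptor; callers pass it as dir_fd= so later
    operations cannot be redirected by someone swapping the path.
    """
    path = os.path.join(parent, name)
    try:
        # mkdir is atomic and never follows a symlink planted at `path`.
        os.mkdir(path, 0o700)
    except FileExistsError:
        pass  # somebody got there first: us on an earlier run, or another user

    # O_NOFOLLOW rejects a symlink as the final component, O_DIRECTORY rejects
    # anything that is not a directory.
    try:
        fd = os.open(path, os.O_RDONLY | os.O_DIRECTORY | os.O_NOFOLLOW)
    except OSError as exc:
        raise UnsafeEntry(f"{path}: not a real directory ({exc.strerror})") from exc

    # Check the object we actually opened (fstat), not the path a second time.
    st = os.fstat(fd)
    if st.st_uid != os.geteuid():
        os.close(fd)
        raise UnsafeEntry(f"{path}: owned by uid {st.st_uid}")
    if stat.S_IMODE(st.st_mode) & 0o077:
        os.close(fd)
        raise UnsafeEntry(f"{path}: accessible to group/other")
    return fd


if __name__ == "__main__":
    import tempfile
    shared = tempfile.mkdtemp()  # constructed stand-in for /tmp
    os.symlink("/etc", os.path.join(shared, "planted"))  # constructed planted entry
    for name in ("myservice", "planted"):
        try:
            os.close(claim_private_dir(shared, name))
            print(name, "ok")
        except UnsafeEntry as exc:
            print("refused:", exc)
```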

