[18290] in bugtraq
Re: where user temp files should go, env var names
daemon@ATHENA.MIT.EDU (Nick Phillips)
Thu Dec 21 15:41:28 2000
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Message-Id: <20001221125351.C32741@checkaprice.demon.co.uk>
Date: Thu, 21 Dec 2000 12:53:51 +0000
Reply-To: Nick Phillips <nwp@CHECKAPRICE.COM>
From: Nick Phillips <nwp@CHECKAPRICE.COM>
X-To: "Mike A. Harris" <mharris@OPENSOURCEADVOCATE.ORG>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <Pine.LNX.4.31.0012190052560.1678-100000@asdf.capslock.lan>; from
mharris@OPENSOURCEADVOCATE.ORG on Tue, Dec 19,
2000 at 12:55:34AM -0500
On Tue, Dec 19, 2000 at 12:55:34AM -0500, Mike A. Harris wrote:
> The kernel doesn't differentiate between directories in the
> filesystem. For all the kernel cares /tmp is where user
> directories are stored. The kernel doesn't ever know or treat
> differently any names of dirs in the filesystem. This definitely
> has nothing at all to do with the kernel whatsoever. It is a
> userland programming issue.
>
> The kernel does not impose policy decisions upon systems, that is
> what a sysadmin is for. Fix the programmer.
This is illogical. The sysadmin makes the policy and uses the kernel
(amongst other things) to impose it. In this instance the programmer
is effectively just another user who cannot be trusted. Therefore it
is reasonable for the kernel to provide the sysadmin with the means
to enforce their policy on programmers as well as "normal" users.
By all means fix the programmers too, but remember that they are just
a particular type of user using the facilities provided to them; if
the facilities provided to them (libs, syscalls, kernel etc.) allow
them to do silly things, you should expect them to do silly things.
Cheers,
Nick
