[18335] in bugtraq
Re: /tmp
daemon@ATHENA.MIT.EDU (Dan Stromberg)
Fri Dec 22 18:52:02 2000
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-md5;
protocol="application/pgp-signature"; boundary="VbJkn9YxBvnuCH5J"
Content-Disposition: inline
Message-ID: <20001222084227.A32129@seki.acs.uci.edu>
Date: Fri, 22 Dec 2000 08:42:27 -0800
Reply-To: Dan Stromberg <strombrg@NIS.ACS.UCI.EDU>
From: Dan Stromberg <strombrg@NIS.ACS.UCI.EDU>
X-To: Michal Zalewski <lcamtuf@dione.ids.pl>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <Pine.LNX.4.30.0012221113400.25893-100000@dione.ids.pl>; from
lcamtuf@dione.ids.pl on Fri, Dec 22, 2000 at 11:26:13AM +0100
--VbJkn9YxBvnuCH5J
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Fri, Dec 22, 2000 at 11:26:13AM +0100, Michal Zalewski wrote:
> Please tell me why are you considering /tmp as the only one solution?
> Moving runtime temporary files that do not *have* to be shared from /tmp
> to eg. ~/tmp is pretty good solution, as well. Unfortunately, this won't
> solve numerous problems of programs that are not following mk*temp()
> convention, creating eg. pid-based temporary files ;) On the other hand,
> most of context pseudo-filesystem / redirection solutions (like making
> real location of /tmp entries for every UID different) might broke eg. X
> server / clients functionality etc.
I am displeased with ~/tmp, because I believe constructing a reliable
~/tmp scrubber would be problematic.
Consider: what if most, but not all, of the home directories a machine
sees are NFS mounted? What if the NFS server is down when you try to
check ~/tmp to see if it is local?
What if the NFS server doesn't have a ~/tmp scrubber, and it might be
a pain to provide one? (possible example (really not sure) : netapp)
--=20
Dan Stromberg UCI/NACS/DCS
--VbJkn9YxBvnuCH5J
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE6Q4Ryo0feVm00f/8RAgtSAJ9uURHQ3LkD30fNGI4DOdIVKvUVMwCfSn9e
bz976iJr9er5nDgN8SX201M=
=j7EG
-----END PGP SIGNATURE-----
--VbJkn9YxBvnuCH5J--
