[927] in testers
reboot doesn't clean /tmp
daemon@ATHENA.MIT.EDU (daemon@ATHENA.MIT.EDU)
Wed Jul 25 13:36:26 1990
Date: Wed, 25 Jul 90 13:35:58 -0400
From: "Jonathan I. Kamens" <jik@PIT-MANAGER.MIT.EDU>
To: mar@MIT.EDU
Cc: testers@MIT.EDU
In-Reply-To: Mark Rosenstein's message of Wed, 25 Jul 90 13:29:27 -0400 <9007251729.AA00364@TOTO.MIT.EDU>
Date: Wed, 25 Jul 90 13:29:27 -0400
From: Mark Rosenstein <mar@MIT.EDU>
Sender: mar@MIT.EDU
I don't know if this is new with this release or not, but I just
noticed that rebooting didn't clean /tmp, which means all of my
kerberos ticket files are still there from before the crash. I
consider this a security hole.
It's not new and it's not considered a bug; /tmp/ is only cleared on
reboots on public workstations; private workstations are assumed to be
secure, and therefore if a ticket file in /tmp isn't owned by a user,
it can't be read by that user.
I'm willing to be convinced that even private workstations should do
"rm -rf /tmp/tkt*", but I'm not convinced of that yet. If you want
your workstation to clean /tmp, it would probably be easier to do it
in /etc/rc.local than to convince everybody :-).
jik
