[GLLUG] Sharing /tmp Among Distros
Melson, Paul
PMelson at sequoianet.com
Thu Jun 12 10:35:00 EDT 2003
<p alt="Arnold Dingfelder Horshack">
Oooh! Oooh! Mistair Kottair, I know why!
</p>
Because /tmp is often chmod 1777 or 777, there are security risks
associated with having a script (especially an init script, which would
typically run as root) delete content from /tmp. For example, a
malicious user could create a link from some place in /tmp to
/etc/passwd which could then be unlinked by the init script at boot.
There are ways of mitigating this specific problem (i.e. `find /tmp
-type f |xargs rm`), but it's generally considered a bad practice to
bulk remove content from any world-writable directory.
PaulM
-----Original Message-----
(I have often wondered why most/all distros don't have a line in the
init scripts that cleans out /tmp during either each startup or
shutdown.)
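A hardened form of the `find`-based mitigation mentioned in the message above, as an added example that is not part of the original post. The function names `clean_tmp` and `demo` are hypothetical, the sandbox is constructed with `mktemp` to stand in for /tmp, and `-delete` assumes GNU or BSD find.

```shell
#!/bin/sh
# Added example: remove only regular files under a world-writable directory.

clean_tmp() {
    dir=$1
    # Reject a missing path or a symlink standing in for the directory.
    if [ -L "$dir" ] || [ ! -d "$dir" ]; then
        echo "clean_tmp: $dir is not a real directory" >&2
        return 1
    fi
    # find's default (-P) never follows symlinks while walking.
    # -xdev    stay on the filesystem that holds $dir
    # -type f  match regular files only; symlinks, directories, sockets,
    #          FIFOs and device nodes are skipped
    # -delete  (GNU/BSD find) unlink from inside find, so no file name is
    #          ever re-parsed by xargs or a shell
    find "$dir" -xdev -type f -delete
}

# Constructed sandbox standing in for /tmp; nothing outside it is touched.
demo() {
    box=$(mktemp -d) || return 1
    mkdir "$box/tmp" "$box/tmp/sub" "$box/outside"
    echo keep > "$box/outside/target"
    echo x > "$box/tmp/plain"
    echo x > "$box/tmp/name with spaces"
    echo x > "$box/tmp/a$(printf '\nb')"       # name containing a newline
    echo x > "$box/tmp/sub/nested"
    ln -s "$box/outside/target" "$box/tmp/link"
    ln -s "$box/outside" "$box/tmp/dirlink"

    clean_tmp "$box/tmp" || { rm -rf "$box"; return 1; }

    left=$(find "$box/tmp" -type f | wc -l)
    rc=0
    [ "$left" -eq 0 ] || rc=1                  # regular files are gone
    [ -f "$box/outside/target" ] || rc=1       # file behind the links survived
    [ -L "$box/tmp/link" ] || rc=1             # the symlink itself is left alone
    [ -d "$box/tmp/sub" ] || rc=1              # directories are kept
    rm -rf "$box"
    return $rc
}

demo && echo "sandbox cleaned, link targets intact"
```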