[GLLUG] Sharing /tmp Among Distros
C. Ulrich
dincht at securenym.net
Thu Jun 12 15:25:45 EDT 2003
Melson, Paul wrote:
> <p alt="Arnold Dingfelder Horshack">
> Oooh! Oooh! Mistair Kottair, I know why!
> </p>
>
> Because /tmp is often chmod 1777 or 777, there are security risks
> associated with having a script (especially an init script, which would
> typically run as root) delete content from /tmp. For example, a
> malicious user could create a link from some place in /tmp to
> /etc/passwd which could then be unlinked by the init script at boot.
> There are ways of mitigating this specific problem (i.e. `find /tmp
> -type f |xargs rm`), but it's generally considered a bad practice to
> bulk remove content from any world-writable directory.
>
> PaulM
>
> -----Original Message-----
> (I have often wondered why most/all distros don't have a line in the
> init scripts that cleans out /tmp during either each startup or
> shutdown.)
>
I'll wonder no longer. :)
--
http://bityard.net
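
The concern raised in the quoted message, handled by a cleanup function that removes links themselves and never what they point to. This is an added example, not part of the original thread; `clean_scratch`, `demo` and the sandbox paths are constructed for illustration, and `-mindepth`/`-delete` assume GNU or BSD find.

```shell
#!/bin/sh
# clean_scratch DIR: remove everything under DIR and nothing outside it.
clean_scratch() {
    dir=${1%/}   # drop one trailing slash so the -L test sees a link itself
    # Refuse an empty argument or "/" (which the line above turned into "").
    case "$dir" in '') echo "refusing to clean '$1'" >&2; return 2 ;; esac
    # Refuse when the path is a symlink or not a directory at all.
    if [ -L "$dir" ] || [ ! -d "$dir" ]; then
        echo "refusing: $dir is not a real directory" >&2
        return 2
    fi
    # -P           never dereference symlinks: the link is removed, not its target
    # -xdev        stay on this filesystem, skip anything mounted below DIR
    # -mindepth 1  keep DIR itself, with its mode and ownership
    # -delete      depth-first removal performed by find itself
    find -P "$dir" -xdev -mindepth 1 -delete
}

# demo: build a constructed sandbox (stand-ins for /etc and /tmp) and return 0
# only if the scratch directory was emptied and the linked targets survived.
demo() {
    sandbox=$(mktemp -d) || return 1
    mkdir "$sandbox/etc" "$sandbox/etc/conf.d" "$sandbox/tmp" "$sandbox/tmp/sub"
    echo "root:x:0:0" > "$sandbox/etc/passwd"
    echo keep > "$sandbox/etc/conf.d/keep"
    echo junk > "$sandbox/tmp/a.tmp"
    echo junk > "$sandbox/tmp/sub/b.tmp"
    ln -s "$sandbox/etc/passwd" "$sandbox/tmp/link-to-file"
    ln -s "$sandbox/etc/conf.d" "$sandbox/tmp/link-to-dir"
    ln -s "$sandbox/tmp" "$sandbox/tmp-alias"

    rc=0
    clean_scratch "$sandbox/tmp" || rc=1
    [ -z "$(ls -A "$sandbox/tmp")" ] || rc=1            # scratch dir is empty
    [ -f "$sandbox/etc/passwd" ] || rc=1                # file target untouched
    [ -f "$sandbox/etc/conf.d/keep" ] || rc=1           # dir target untouched
    clean_scratch "$sandbox/tmp-alias" 2>/dev/null && rc=1   # symlinked path refused
    rm -rf "$sandbox"
    return $rc
}

if [ "${1:-}" = "--demo" ]; then demo && echo "demo passed"; fi
```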