[GLLUG] Sharing /tmp Among Distros
Sean
picasso at madflower.com
Thu Jun 12 15:00:15 EDT 2003
Why not just put /tmp on a ramdisk and be done with it?
On Thu, 12 Jun 2003, C. Ulrich wrote:
> Melson, Paul wrote:
> > <p alt="Arnold Dingfelder Horshack">
> > Oooh! Oooh! Mistair Kottair, I know why!
> > </p>
> >
> > Because /tmp is often chmod 1777 or 777, there are security risks
> > associated with having a script (especially an init script, which would
> > typically run as root) delete content from /tmp. For example, a
> > malicious user could create a link from some place in /tmp to
> > /etc/passwd which could then be unlinked by the init script at boot.
> > There are ways of mitigating this specific problem (i.e. `find /tmp
> > -type f |xargs rm`), but it's generally considered a bad practice to
> > bulk remove content from any world-writable directory.
> >
> > PaulM
> >
> > -----Original Message-----
> > (I have often wondered why most/all distros don't have a line in the
> > init scripts that cleans out /tmp during either each startup or
> > shutdown.)
> >
>
> I'll wonder no longer. :)
>
>
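As an added example (not part of the original thread), the sketch below shows a cleanup that unlinks only regular files and never follows links, run against a constructed sandbox in which a stand-in file plays the role of /etc/passwd. The function names `clean_shared_dir` and `demo_sandbox` are hypothetical, not taken from any distro's init scripts.

```shell
#!/bin/sh
# Added example: clean a world-writable directory without following links.
# clean_shared_dir and demo_sandbox are hypothetical names for illustration.

clean_shared_dir() {
    dir=$1
    # Refuse anything that is not a real directory, e.g. a symlink
    # that has been put in place of the directory itself.
    [ -d "$dir" ] && [ ! -L "$dir" ] || return 1
    # find does not follow symlinks by default, so:
    #   -xdev    stays on the directory's own filesystem
    #   -type f  selects regular files only; links are never passed to rm
    #   -exec +  hands names to rm directly, so spaces or newlines in a
    #            name cannot be split into extra arguments
    find "$dir" -xdev -type f -exec rm -f -- {} +
}

demo_sandbox() {
    # Constructed sandbox: nothing outside the mktemp directory is touched.
    base=$(mktemp -d) || return 1
    mkdir "$base/shared" "$base/etc"
    echo "root:x:0:0" > "$base/etc/passwd"        # stand-in for /etc/passwd
    echo junk > "$base/shared/stale file.tmp"     # regular file, space in name
    ln -s "$base/etc/passwd" "$base/shared/link"  # file link, as in the post
    ln -s "$base/etc" "$base/shared/dirlink"      # directory link

    clean_shared_dir "$base/shared"

    result=fail
    # Expect: stale file gone, link target intact, links left in place.
    [ -f "$base/etc/passwd" ] \
        && [ ! -e "$base/shared/stale file.tmp" ] \
        && [ -L "$base/shared/link" ] \
        && [ -L "$base/shared/dirlink" ] \
        && result=ok
    rm -rf "$base"
    echo "$result"
}

demo_sandbox
```

A path component can still be replaced between find's check and rm's unlink, so this narrows the problem PaulM describes rather than making bulk deletion from a world-writable directory safe.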