Mktemp is not in the book

Erika Pacholleck pchllck at nexgo.de
Fri Jan 31 09:37:54 PST 2003


[31.01.2003] Craig Hurley <-- :
> In the script could you not append "-$RANDOM" to the end of the tmpfile
> name, run a test to see if that name exists in /tmp (if so call $RANDOM
> again, test)?  That could give the illusion of securty in bzdiff. 

I thought of all that stuff, just because of mktemp() and such ... and
generally (as LFS does not deal with quota) I tend to say, keep the
users at /home, if they want to bzdiff 2 mozilla building logs, shall
they do it but not in public. But hell, what do we have /tmp for and
1.) how often do you use those bz...
2.) on what files do you use those, certainly not on mysecrets.bz2

The only scenario I thought being problematic with putting the whole
temporary stuff into /tmp was

1.) what happens if 2 people by chance do that on the same file?
 -> we create our own directory, named PID, so that is *always* unique
    another user will have a different PID

2.) what happens if someone is going to read the unzipped file?
 -> we have a 700 mode on the working directory
 -> /tmp is sticky, unless you forgot a line in the book :(
 -> if someone is able to read *that* directory contents,
    the alternate (use $HOME instead of /tmp) is as useless as
    anything else
 -> and we immediately delete the working directory if diff is done

-- 
Erika ...---...: pacholleck at nexgo dot de
-- 
Unsubscribe: send email to listar at linuxfromscratch.org
and put 'unsubscribe lfs-dev' in the subject header of the message



More information about the lfs-dev mailing list