Mktemp is not in the book
pchllck at nexgo.de
Fri Jan 31 09:37:54 PST 2003
[31.01.2003] Craig Hurley <-- :
> In the script could you not append "-$RANDOM" to the end of the tmpfile
> name, run a test to see if that name exists in /tmp (if so call $RANDOM
> again, test)? That could give the illusion of securty in bzdiff.
I thought of all that stuff, just because of mktemp() and such ... and
generally (as LFS does not deal with quota) I tend to say, keep the
users at /home, if they want to bzdiff 2 mozilla building logs, shall
they do it but not in public. But hell, what do we have /tmp for and
1.) how often do you use those bz...
2.) on what files do you use those, certainly not on mysecrets.bz2
The only scenario I thought being problematic with putting the whole
temporary stuff into /tmp was
1.) what happens if 2 people by chance do that on the same file?
-> we create our own directory, named PID, so that is *always* unique
another user will have a different PID
2.) what happens if someone is going to read the unzipped file?
-> we have a 700 mode on the working directory
-> /tmp is sticky, unless you forgot a line in the book :(
-> if someone is able to read *that* directory contents,
the alternate (use $HOME instead of /tmp) is as useless as
-> and we immediately delete the working directory if diff is done
Erika ...---...: pacholleck at nexgo dot de
Unsubscribe: send email to listar at linuxfromscratch.org
and put 'unsubscribe lfs-dev' in the subject header of the message
More information about the lfs-dev