On Sat, 7 Aug 1999, Darren Reed wrote:
> In some mail from Tim Fletcher, sie said:
> >
> > > I think I defeated myself in trying to explain the implementation I was
> > > trying to describe. For each user, when they login, a virtual /tmp is
> > > created and that is shared between all sessions that user has. This is
> > > setup at login time and is carried forth to all children, root or not,
> > > and cannot be reset (somewhat akin to chroot) unless devious methods are
> > > employed (i.e. write to /dev/mem).
> > >
> > > So if I have 10 logins to host foo, each login sees the same /tmp, even
> > > the root shells I generate via su/sudo in half. If I login as root, I
> > > don't have the same /tmp (I get a different one). cron/at jobs would
> > > be no different. So the `real' /tmp could even be 755 root.wheel.
> >
> > Although it does rather cripple /tmp in another way: That of sharing
> > information between users. If I tell another user that the file s/he wants
> > is in /tmp (as my /home/tim dir is 711 with most files 600) I don't have
> > to mess with file perms and s/he doesn't have to get the exact right name
> > to read the file.
>
> Why do they need to access your home dir ? You're making assumptions
> which you probably shouldn't...
>
I think perhaps you misread what he was saying. He's not saying that he
wants another user to have access to his /home dir. He is, however,
saying that a common /tmp makes it possible for him to share files with
another user without compromising his own security. If /tmp was assigned
on a per-user basis, he would be unable to use the /tmp directory in that
fashion.
---
Doug Harple / Community Connect
[EMAIL PROTECTED]
