* Kurt Seifried

| > PAM handles this quite nicely.
| >
| > I've hacked together a PAM module which sets TMPDIR (and TMP) to
| > /tmp/user/uid, which I could probably make available (mail me if you
| > are interested).  Fixing programs to use TMP and TMPDIR is the correct
| > solution.
|
| No need for that when we have "pam_env". From the docs "This module allows the
| (un)setting of environment variables. Supported is the use of previously set
| environment variables as well as PAM_ITEMs such as PAM_RHOST."
|
| /etc/security/pam_env.conf

I couldn't get it to set TMP to something which was per-user (which is
probably easy, but it wouldn't cooperate with me), and it doesn't (and
shouldn't) create the tmpdir for you.  This is implemented in a nicer
(imho) way in pam_tmpdir which removes the need for world writable
/tmp/user/ . An alternative which would be able to do the exact same
thing is to get pam_env to set TMP and TMPDIR and have a suid
create-tmpdir-program which creates the /tmp/user/$UID .

--

Tollef Fog Heen
Unix _IS_ user friendly... It's just selective about who its friends are.
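
The directory-creation step discussed in the message above, as an added example that is not part of the original post and is not pam_tmpdir's code: a helper that creates or validates `<base>/<uid>` without trusting whatever already sits at that name. The function name `ensure_user_tmpdir` is hypothetical, and the base directory is assumed to be writable only by the privileged caller.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper: create or validate <base>/<uid> as a directory that
 * only uid can use. Returns 0 and fills out with the path, or -1 on any doubt.
 * Assumes base (e.g. /tmp/user) is writable only by the privileged caller. */
int ensure_user_tmpdir(const char *base, uid_t uid, char *out, size_t outlen)
{
    char name[32];
    struct stat st;
    int fd = -1, created = 0, rc = -1;

    int basefd = open(base, O_RDONLY | O_DIRECTORY | O_CLOEXEC);
    if (basefd < 0)
        return -1;
    snprintf(name, sizeof name, "%lu", (unsigned long)uid);

    if (mkdirat(basefd, name, 0700) == 0)
        created = 1;
    else if (errno != EEXIST)
        goto done;

    /* O_NOFOLLOW refuses a symlink sitting at <base>/<uid>. */
    fd = openat(basefd, name, O_RDONLY | O_DIRECTORY | O_NOFOLLOW | O_CLOEXEC);
    if (fd < 0)
        goto done;

    /* Privileged (suid) case: hand a freshly created directory to the user. */
    if (created && geteuid() == 0 && fchown(fd, uid, (gid_t)-1) < 0)
        goto done;

    /* Check the object we actually opened, not the path name. */
    if (fstat(fd, &st) < 0 || !S_ISDIR(st.st_mode) ||
        st.st_uid != uid || (st.st_mode & 077) != 0)
        goto done;

    if ((size_t)snprintf(out, outlen, "%s/%s", base, name) < outlen)
        rc = 0;
done:
    if (fd >= 0)
        close(fd);
    close(basefd);
    return rc;
}
```

A caller would export TMP and TMPDIR only when the function returns 0, and leave them unset otherwise.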
