pe, 2005-11-04 kello 13:00 +0100, Klaus Ethgen kirjoitti: > Am Fr den 4. Nov 2005 um 5:16 schrieb Noah Meyerhans: > > Within the security team, there has recently been some talk of pushing > > for per-user temp directories by default in etch. I'd like to see what > > That whould be no good idea for security environment where you do > special think to secure /tmp (make it in memory and encrypt swap). With > tempdir in users home all applications like for example gpg write > temporary files to this location which ends up unencrypted on a disk or, > more bad over an unsecure NFS share to the fileserver. > > Please don't do this by default as it break the security of many, many > systems!
I don't think the suggestion was to make TMP=~/tmp, but TMP=/tmp/$USER, where /tmp/$USER is owned by the user in question and is inaccessible to others. Or perhaps I read too much into the proposal? -- Communication via acronyms is rfs. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]