Re: [Ecryptfs-devel] [PATCH] mount.ecryptfs_private/umount.ecryptfs_private counter

Fri, 17 Oct 2008 07:58:04 -0700 

On Fri, 2008-10-17 at 09:36 -0500, Michael Halcrow wrote:
> On Fri, Oct 17, 2008 at 01:30:57AM -0500, Dustin Kirkland wrote:
> > +           asprintf(&f, "/tmp/%s-%s-%s", FSTYPE, u, PRIVATE_DIR) < 0
> 
> Because this file maintains system-level state information and is
> shared among multiple processes (with locking), I would prefer to see
> it somewhere under /var (e.g., /var/ecryptfs/).

I carefully considered /var/run/ecryptfs/, for the reasons you
mentioned, as well as the fact that /var/run is a ramfs in Ubuntu at
least.

However, filesystems under /var are usually usually not writable by
non-privileged users.

I could have moved the file reading/writing code into the setuid section
of the program, but that seemed unnecessary.

Rather, I set the umask appropriately such that the file would be owned
by the executing user and perm'd 700.

I also see a number of other, similar looking state files and
directories in my freshly booted /tmp:

        [EMAIL PROTECTED]:~$ ls -alF /tmp/
        total 108
        drwxrwxrwt 13 root     root         300 2008-10-17 09:51 ./
        drwxr-xr-x 16 root     root       14260 2008-10-17 09:40 ../
        drwx------  2 kirkland kirkland      60 2008-10-17 09:31 .esd-1000/
        drwx------  2 kirkland kirkland      40 2008-10-17 09:31 
.exchange-kirkland/
        drwxrwxrwt  2 root     root          60 2008-10-17 09:31 .ICE-unix/
        drwx------  2 kirkland kirkland     100 2008-10-17 09:31 keyring-06R4tk/
        drwx------  2 kirkland kirkland     680 2008-10-17 09:43 orbit-kirkland/
        drwx------  2 kirkland kirkland      40 2008-10-17 09:48 plugtmp/
        drwx------  2 kirkland kirkland      80 2008-10-17 09:31 pulse-kirkland/
        -r--------  1 kirkland kirkland 2097192 2008-10-17 09:31 
pulse-shm-2443803503
        drwx------  2 kirkland kirkland      60 2008-10-17 09:31 
seahorse-hCFW5G/
        drwx------  3 kirkland kirkland      80 2008-10-17 09:31 
Tracker-kirkland.7414/
        drwx------  2 kirkland kirkland      40 2008-10-17 09:31 
virtual-kirkland.K2QPDu/
        -r--r--r--  1 root     root          11 2008-10-17 09:03 .X0-lock
        drwxrwxrwt  2 root     root          60 2008-10-17 09:03 .X11-unix/




:-Dustin

Attachment: signature.asc
Description: This is a digitally signed message part

_______________________________________________
Mailing list: https://launchpad.net/~ecryptfs-devel
Post to     : [email protected]
Unsubscribe : https://launchpad.net/~ecryptfs-devel
More help   : https://help.launchpad.net/ListHelp

Reply via email to