Joshua Judson Rosen <roz...@geekspace.com> writes:
>
> Bill Freeman <ke1g...@gmail.com> writes:
> >
> > I can probably count on running on a linux box, so I can probably count on
> > the FHS. But the downside of tmp is that any process can also delete my pid
> > file (as opposed to having to be either root or the user created for the
> > program).
>
> The sticky-bit (0001, or +t) set on /tmp prevents that from being true,
> e.g.:

Uh, oops: sticky is 01000, not 0001. Forgot to htons() before sending,
or something....

> jrosen@jz:~$ touch /tmp/foo
> jrosen@jz:~$ ls -ld /tmp /tmp/foo
> drwxrwxrwt 17 root root 4096 May 21 20:05 /tmp
> -rw-r--r-- 1 jrosen jrosen 0 May 21 20:05 /tmp/foo
> jrosen@jz:~$ sudo chown nobody.nogroup /tmp/foo
> [sudo] password for jrosen:
> jrosen@jz:~$ ls -ld /tmp /tmp/foo
> drwxrwxrwt 17 root root 4096 May 21 20:05 /tmp
> -rw-r--r-- 1 nobody nogroup 0 May 21 20:05 /tmp/foo
> jrosen@jz:~$ rm /tmp/foo
> rm: remove write-protected regular empty file `/tmp/foo'? y
> rm: cannot remove `/tmp/foo': Operation not permitted
>
> I don't see "/tmp should be sticky" in FHS, but I think everyone
> (maybe excepting some embedded systems) does it, don't they?
>
> Seems like /tmp would be a *very* scary place without a sticky-bit....

-- 
"Don't be afraid to ask (λf.((λx.xx) (λr.f(rr))))."
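
An added example, not part of the original message: a Python model of the restricted-deletion rule that the terminal session above demonstrates, plus a check of whether a directory meant to hold a pid file is world-writable with or without the sticky bit. The function names are hypothetical, and the model is a simplification that ignores ACLs and immutable attributes.

```python
import os
import stat

def is_sticky(mode):
    """True if the sticky bit S_ISVTX (octal 01000) is set in a st_mode value."""
    return bool(mode & stat.S_ISVTX)

def may_unlink(uid, dir_mode, dir_uid, file_uid, can_write_dir=True):
    """Model the restricted-deletion check applied to one unlink() call.

    uid is the caller's effective uid; can_write_dir says whether the normal
    write+search permission check on the directory has already passed.
    """
    if uid == 0:                  # root holds CAP_FOWNER and CAP_DAC_OVERRIDE
        return True
    if not can_write_dir:         # no write access to the directory at all
        return False
    if not is_sticky(dir_mode):   # plain writable dir: anyone with write can delete
        return True
    # Sticky directory: only the file's owner or the directory's owner may delete.
    return uid in (file_uid, dir_uid)

def audit_pidfile_dir(path):
    """Return findings about who can delete files in a pid-file directory."""
    st = os.stat(path)
    findings = []
    if st.st_mode & stat.S_IWOTH:
        if is_sticky(st.st_mode):
            findings.append("world-writable, sticky: deletion limited to owners")
        else:
            findings.append("world-writable, not sticky: any user can delete files")
    return findings

if __name__ == "__main__":
    # Report on the usual candidate directories if they exist on this host.
    for d in ("/tmp", "/var/run"):
        if os.path.isdir(d):
            mode = stat.S_IMODE(os.stat(d).st_mode)
            print(d, oct(mode), audit_pidfile_dir(d))
```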