> A subdir in /tmp can certainly have my ownership and permissions. > And I guess they can't delete the directory because it isn't > empty, but with permissions on the parent directory, can't they > move it?
Picky, picky, picky. Well, for completeness I suppose we should mention the "deleted file" trick (not necessarily better than your flock trick) where your app creates its secret-squirrel file in /tmp and then deletes it while holding it open. (This trick is popular with malware eg. the Flash plugin) Your confederates can identify likely instances of your app using ps and then verify by reading the secret-squirrel file via the symlinked handle in /proc/$yourPIDhere/fd. Since the file has no directory entry it can't be deleted by friend or foe and only those with appropriate privileges can access it as described, and all traces vanish upon process termination. Example: # echo HiMom > /tmp/SecretSquirrelFile # sleep 1000 < /tmp/SecretSquirrelFile & [2] 29570 # rm /tmp/SecretSquirrelFile # ls -laF /tmp/SecretSquirrelFile ls: cannot access /tmp/SecretSquirrelFile: No such file or directory # ls -laF /proc/$(pidof sleep)/fd total 0 dr-x------ 2 mod mod 0 May 23 08:58 ./ dr-xr-xr-x 8 mod mod 0 May 23 08:57 ../ lr-x------ 1 mod mod 64 May 23 08:58 0 -> /tmp/SecretSquirrelFile (deleted) lrwx------ 1 mod mod 64 May 23 08:58 1 -> /dev/pts/0 lrwx------ 1 mod mod 64 May 23 08:58 2 -> /dev/pts/0 # readlink /proc/$(pidof sleep)/fd/0 /tmp/SecretSquirrelFile (deleted) # cat /proc/$(pidof sleep)/fd/0 HiMom _______________________________________________ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/