On Mon, Jul 01, 2019 at 05:01:20PM -0500, Derek Martin wrote: > On Sat, Jun 29, 2019 at 03:09:57AM +0200, Vincent Lefevre wrote: > > > This isn't a problem, except that you need to decide what to do when > > > it happens. In such a case your mkdir will fail, and you will have to > > > resort to some back-up plan. > > > > which is why I use /var/tmp. It's guaranteed to work. > > How's that? It has the exact same semantics as /tmp. On a multiuser > system, someone could log in after a reboot and create > /var/tmp/vincent and you're in exactly the same boat.
FWIW was momentarily confused here... of course /var/tmp won't auto-clean after a reboot. But it will still need to be cleaned up periodically by the sysadmin when it inevitably fills, and if your directory is removed at that time the exploit becomes available. -- Derek D. Martin http://www.pizzashack.org/ GPG Key ID: 0xDFBEAD02 -=-=-=-=- This message is posted from an invalid address. Replying to it will result in undeliverable mail due to spam prevention. Sorry for the inconvenience.
pgpHICjkaPW5u.pgp
Description: PGP signature
