Re: /var/run and scripts

2003-09-04 Thread Peter Karlsson
Matt Zimmerman: noexec /tmp and /var/tmp seem to create far more problems than they solve. I've run with /tmp set to noexec for quite some time on some machines, and it tends to work quite well. The only thing that seems to fail occasionally is debconf, despite that I point TMPDIR to a directory

Re: /var/run and scripts

2003-09-03 Thread Russell Coker
On Thu, 4 Sep 2003 05:45, Marco d'Itri wrote: > On Sep 03, Russell Coker <[EMAIL PROTECTED]> wrote: > >Given that /var/tmp is bad for security, what would you suggest? > > It's bad only if your program is broken. And safe creation of temp files > is not hard... Given the history of people getting

Re: /var/run and scripts

2003-09-03 Thread Marco d'Itri
On Sep 03, Russell Coker <[EMAIL PROTECTED]> wrote: >Given that /var/tmp is bad for security, what would you suggest? It's bad only if your program is broken. And safe creation of temp files is not hard... So I think that the correct location is /tmp or /var/tmp if the script is temporary or /var

Re: /var/run and scripts

2003-09-03 Thread Joey Hess
Russell Coker wrote: > The FHS is not clear on whether it is OK to put a script in /var/run. > > If a program wants to create a script and then run it, where should it be > placed? Red Hat has apmd creating such scripts under /var/run. Is this > correct? If not where should it be? One exampl

Re: /var/run and scripts

2003-09-03 Thread Matt Zimmerman
On Wed, Sep 03, 2003 at 07:34:07AM +0200, Bernd Eckenfels wrote: > I would like to preserve that, especially /tmp and /var/tmp I would not > like to see executable. noexec /tmp and /var/tmp seem to create far more problems than they solve. -- - mdz

Re: /var/run and scripts

2003-09-03 Thread Matt Zimmerman
On Tue, Sep 02, 2003 at 11:34:02PM +1000, Russell Coker wrote: > The FHS is not clear on whether it is OK to put a script in /var/run. > > If a program wants to create a script and then run it, where should it be > placed? Red Hat has apmd creating such scripts under /var/run. Is this > corre

Re: /var/run and scripts

2003-09-03 Thread Steve Langasek
On Wed, Sep 03, 2003 at 03:20:49PM +1000, Russell Coker wrote: > On Wed, 3 Sep 2003 12:00, Steve Langasek wrote: > > On Wed, Sep 03, 2003 at 11:31:28AM +1000, Russell Coker wrote: > > > On Wed, 3 Sep 2003 11:25, Pierre THIERRY wrote: > > > > > If not where should it be? > > > > > > > > What about /

Re: /var/run and scripts

2003-09-03 Thread Thomas Hood
Anthony Towns, on 2003-09-03, 14:26, you wrote: > What Steve said. Also, /var/lib is the default place for dynamically > created stuff that doesn't have somewhere else to go. If the script needs to be preserved across reboot then put it in /var/lib/pckg/ ; otherwise put it in /var/run/pckg/ . --

Re: /var/run and scripts

2003-09-03 Thread Joerg Wendland
Anthony Towns, on 2003-09-03, 14:26, you wrote: > What Steve said. Also, /var/lib is the default place for dynamically > created stuff that doesn't have somewhere else to go. What about /var/lib/package/bin (kind of qmail-style)? Joerg -- Joerg "joergland" Wendland GPG: 51CF8417 FP: 79C0 7671 A

Re: /var/run and scripts

2003-09-03 Thread Russell Coker
On Wed, 3 Sep 2003 12:00, Steve Langasek wrote: > On Wed, Sep 03, 2003 at 11:31:28AM +1000, Russell Coker wrote: > > On Wed, 3 Sep 2003 11:25, Pierre THIERRY wrote: > > > > If not where should it be? > > > > > > What about /usr/local/ or /var/opt/? The former seems > > > to be the best one, to me..

Re: /var/run and scripts

2003-09-03 Thread Anthony Towns
On Wed, Sep 03, 2003 at 11:31:28AM +1000, Russell Coker wrote: > /var/opt sounds reasonable. What Steve said. Also, /var/lib is the default place for dynamically created stuff that doesn't have somewhere else to go. Cheers, aj -- Anthony Towns <[EMAIL PROTECTED]>

Re: /var/run and scripts

2003-09-03 Thread Bernd Eckenfels
On Tue, Sep 02, 2003 at 11:49:43PM -0500, Gunnar Wolf wrote: > /usr should be mountable read-only... I would go for /var/opt or -if it > is a disposable script- /tmp or /var/tmp (of course, exercising enough > care) On my system I try to have /var mounted noexec, and /usr readonly. Both breaks o

Re: /var/run and scripts

2003-09-03 Thread Thomas Hood
On Tue, 2003-09-02 at 15:34, Russell Coker wrote: > The FHS is not clear on whether it is OK to put a script in /var/run. > If a program wants to create a script and then run it, where should it be > placed? Red Hat has apmd creating such scripts under /var/run. Is this > correct? I know of no

Re: /var/run and scripts

2003-09-02 Thread Gunnar Wolf
Pierre THIERRY said [Wed, Sep 03, 2003 at 03:25:18AM +0200]: > > If not where should it be? > > What about /usr/local/ or /var/opt/? The former seems > to be the best one, to me... /usr should be mountable read-only... I would go for /var/opt or -if it is a disposable script- /tmp or /var/tmp (of

Re: /var/run and scripts

2003-09-02 Thread Steve Langasek
On Wed, Sep 03, 2003 at 11:31:28AM +1000, Russell Coker wrote: > On Wed, 3 Sep 2003 11:25, Pierre THIERRY wrote: > > > If not where should it be? > > What about /usr/local/ or /var/opt/? The former seems > > to be the best one, to me... > /usr/local is not good for files that will be created auto

Re: /var/run and scripts

2003-09-02 Thread Russell Coker
On Wed, 3 Sep 2003 11:25, Pierre THIERRY wrote: > > If not where should it be? > > What about /usr/local/ or /var/opt/? The former seems > to be the best one, to me... /usr/local is not good for files that will be created automatically from programs that are part of a package, it should be reserv

Re: /var/run and scripts

2003-09-02 Thread Pierre THIERRY
> If not where should it be? What about /usr/local/ or /var/opt/? The former seems to be the best one, to me... Quickly, le Moine Fou -- [EMAIL PROTECTED] OpenPGP 0xD9D50D8A

/var/run and scripts

2003-09-02 Thread Russell Coker
The FHS is not clear on whether it is OK to put a script in /var/run. If a program wants to create a script and then run it, where should it be placed? Red Hat has apmd creating such scripts under /var/run. Is this correct? If not where should it be? -- http://www.coker.com.au/selinux/ My