On Thu, 4 Sep 2003 05:45, Marco d'Itri wrote:
On Sep 03, Russell Coker [EMAIL PROTECTED] wrote:
Given that /var/tmp is bad for security, what would you suggest?
It's bad only if your program is broken. And safe creation of temp files
is not hard...
Given the history of people getting it
Matt Zimmerman:
noexec /tmp and /var/tmp seem to create far more problems than they
solve.
I've run with /tmp set to noexec for quite some time on some machines, and
it tend to work quite well. The only thing that seems to fail occasionally
is debconf, despite that I point TMPDIR to a directory
Pierre THIERRY dijo [Wed, Sep 03, 2003 at 03:25:18AM +0200]:
If not where should it be?
What about /usr/local/package or /var/opt/package? The former seems
to be the best one, to me...
/usr should be mountable read-only... I would go for /var/opt or -if it
is a disposable script- /tmp or
On Tue, 2003-09-02 at 15:34, Russell Coker wrote:
The FHS is not clear on whether it is OK to put a script in /var/run.
If a program wants to create a script and then run it, where should it be
placed? Red Hat has apmd creating such scripts under /var/run. Is this
correct?
I know
On Tue, Sep 02, 2003 at 11:49:43PM -0500, Gunnar Wolf wrote:
/usr should be mountable read-only... I would go for /var/opt or -if it
is a disposable script- /tmp or /var/tmp (of course, excercising enough
care)
On my system I try to have /var mounted noexec, and /usr readonly. Both
breaks of
On Wed, Sep 03, 2003 at 11:31:28AM +1000, Russell Coker wrote:
/var/opt sounds reasonable.
What Steve said. Also, /var/lib is the default place for dynamically
created stuff that doesn't have somewhere else to go.
Cheers,
aj
--
Anthony Towns [EMAIL PROTECTED] http://azure.humbug.org.au/~aj/
I
On Wed, 3 Sep 2003 12:00, Steve Langasek wrote:
On Wed, Sep 03, 2003 at 11:31:28AM +1000, Russell Coker wrote:
On Wed, 3 Sep 2003 11:25, Pierre THIERRY wrote:
If not where should it be?
What about /usr/local/package or /var/opt/package? The former seems
to be the best one, to me...
Anthony Towns, on 2003-09-03, 14:26, you wrote:
What Steve said. Also, /var/lib is the default place for dynamically
created stuff that doesn't have somewhere else to go.
What about /var/lib/package/bin (kind of qmail-style)?
Joerg
--
Joerg joergland Wendland
GPG: 51CF8417 FP: 79C0 7671 AFC7
Anthony Towns, on 2003-09-03, 14:26, you wrote:
What Steve said. Also, /var/lib is the default place for dynamically
created stuff that doesn't have somewhere else to go.
If the script needs to be preserved across reboot then put it
in /var/lib/pckg/ ; otherwise put it in /var/run/pckg/ .
--
On Wed, Sep 03, 2003 at 03:20:49PM +1000, Russell Coker wrote:
On Wed, 3 Sep 2003 12:00, Steve Langasek wrote:
On Wed, Sep 03, 2003 at 11:31:28AM +1000, Russell Coker wrote:
On Wed, 3 Sep 2003 11:25, Pierre THIERRY wrote:
If not where should it be?
What about /usr/local/package
On Tue, Sep 02, 2003 at 11:34:02PM +1000, Russell Coker wrote:
The FHS is not clear on whether it is OK to put a script in /var/run.
If a program wants to create a script and then run it, where should it be
placed? Red Hat has apmd creating such scripts under /var/run. Is this
correct
On Wed, Sep 03, 2003 at 07:34:07AM +0200, Bernd Eckenfels wrote:
I would like to preserve that, especially /tmp and /var/tmp i would not
like to see executable.
noexec /tmp and /var/tmp seem to create far more problems than they solve.
--
- mdz
Russell Coker wrote:
The FHS is not clear on whether it is OK to put a script in /var/run.
If a program wants to create a script and then run it, where should it be
placed? Red Hat has apmd creating such scripts under /var/run. Is this
correct? If not where should it be?
One example
On Sep 03, Russell Coker [EMAIL PROTECTED] wrote:
Given that /var/tmp is bad for security, what would you suggest?
It's bad only if your program is broken. And safe creation of temp files
is not hard...
So I think that the correct location is /tmp or /var/tmp if the script
is temporary or
The FHS is not clear on whether it is OK to put a script in /var/run.
If a program wants to create a script and then run it, where should it be
placed? Red Hat has apmd creating such scripts under /var/run. Is this
correct? If not where should it be?
--
http://www.coker.com.au/selinux
If not where should it be?
What about /usr/local/package or /var/opt/package? The former seems
to be the best one, to me...
Quickly,
le Moine Fou
--
[EMAIL PROTECTED]
OpenPGP 0xD9D50D8A
pgprcp3ynRiSh.pgp
Description: PGP signature
On Wed, 3 Sep 2003 11:25, Pierre THIERRY wrote:
If not where should it be?
What about /usr/local/package or /var/opt/package? The former seems
to be the best one, to me...
/usr/local is not good for files that will be created automatically from
programs that are part of a package, it should
On Wed, Sep 03, 2003 at 11:31:28AM +1000, Russell Coker wrote:
On Wed, 3 Sep 2003 11:25, Pierre THIERRY wrote:
If not where should it be?
What about /usr/local/package or /var/opt/package? The former seems
to be the best one, to me...
/usr/local is not good for files that will be
18 matches
Mail list logo