On Sun, 20 Jul 2008 00:44:48 +1000, Ben Schmidt <[EMAIL PROTECTED]> wrote:
> As has been pointed out, making a directory in /tmp is more secure. More > specifically, making a directory and putting a file in it (there is a > race condition there, of course...but checking/setting the mode can > ensure security, I think). The directory can't be deleted and replaced > unless empty, and can't be emptied if not writable. On Unix directories can be deleted when not empty. I've done it by accident. So long as there's a process with the directory as its current directory the directory remains there, although the absence of a ".." link breaks many commands that expect a sensible filesystem structure. It's inadvisable to do it, however, and fsck usually has a few comments to make about the situation. For security you need to set umask to 077, find a directory that has the sticky bit set, ensure that all ancestors of that directory are unwriteable by general users, create your own temporary directory, and then create your files in that directory. > On regular annoyance I have is that my system periodically cleans up > /tmp and removes Vim's temp directories, and since a long-running Vim > process created the directory, it assumes it's there and doesn't > recreate it but just gives errors. Shouldn't it only clear out things that haven't been used for a while? The whole point of /tmp is that it's somewhere for short-term storage, not no-term storage. -- Matthew Winn --~--~---------~--~----~------------~-------~--~----~ You received this message from the "vim_dev" maillist. For more information, visit http://www.vim.org/maillist.php -~----------~----~----~----~------~----~------~--~---
