Bugtraq mailing list archives

Re: user flags in public temp space (was Re: chflags() [heads up])

From: tim () NIGHT-SHADE DEMON CO UK (Tim Fletcher)
Date: Sat, 7 Aug 1999 02:43:59 +0100

I think I defeated myself in trying to explain the implementation I was
trying to describe.  For each user, when they login, a virtual /tmp is
created and that is shared between all sessions that user has.  This is
setup at login time and is carried forth to all children, root or not,
and cannot be reset (somewhat akin to chroot) unless devious methods are
employed (i.e. write to /dev/mem).

So if I have 10 logins to host foo, each login sees the same /tmp, even
the root shells I generate via su/sudo in half.  If I login as root, I
don't have the same /tmp (I get a different one).  cron/at jobs would
be no different.  So the `real' /tmp could even be 755 root.wheel.


I see what you are getting at basically /tmp becomes an extention to the
per user memory space. (bad analogy on my part but I can't think of a
better one :)

Although it does rather cripple /tmp in another way: That of sharing
information between users. If I tell another user that the file s/he wants
is in /tmp (as my /home/tim dir is 711 with most files 600) I don't have
to mess with file perms and s/he doesn't have to get the exact right name
to read the file.

You also may have problems as the /tmp space you suggest (~/tmp mapped to
/tmp) is then inside a users quota'ed directory which is often a bad idea,
this blocks logins as no tmp space is avalible hence login fails, so you
can clear out your ~/tmp space, a chicken / egg problem :). You are all
well and good quotaing or mounting /tmp to stop / filling up but the point
is the the /home and /tmp quotas should be different.

--

      Tim Fletcher                  .~.
                                    /V\       L   I   N   U   X
   tjdf () st-andrews ac uk           // \  >Don't fear the penguin<
tim () night-shade demon co uk       /(   )\
                                   ^^-^^

"First they ignore you. Then they laugh at you.
   Then they fight you. Then you win." - Gandhi

Current thread:

user flags in public temp space (was Re: chflags() [heads up]) Strange (Aug 04)
- Re: user flags in public temp space (was Re: chflags() [heads up]) Brett Lymn (Aug 05)
  - Re: user flags in public temp space (was Re: chflags() [heads up]) Jason Bratton (Aug 05)
- Re: user flags in public temp space (was Re: chflags() [heads up]) Theo de Raadt (Aug 05)
  - Re: user flags in public temp space (was Re: chflags() [heads up]) Andrew Brown (Aug 05)
  - Re: user flags in public temp space (was Re: chflags() [heads up]) Darren Reed (Aug 05)
    - Re: user flags in public temp space (was Re: chflags() [heads up]) Theo de Raadt (Aug 06)
    - Re: user flags in public temp space (was Re: chflags() [heads up]) Darren Reed (Aug 06)
    - Re: user flags in public temp space (was Re: chflags() [heads up]) Tim Fletcher (Aug 06)
    - Re: user flags in public temp space (was Re: chflags() [heads up]) Darren Reed (Aug 07)
    - Re: user flags in public temp space (was Re: chflags() [heads up]) Doug Harple (Aug 09)
    - Re: user flags in public temp space (was Re: chflags() [heads up Adam Morris (Aug 09)
    - Re: user flags in public temp space (was Re: chflags() [heads up James E. Pace (Aug 10)
    - New cfingerd 1.4.0 - Configurable Finger Daemon Martin Schulze (Aug 10)
    - profil(2) bug, a simple test program Ross Harvey (Aug 09)
    - ISS Security Advisory: Denial of Service Attack Against Windows NT Terminal Server X-Force (Aug 09)
    - Uploaded cfingerd 1.3.2-18.1 for Debian (security fix) Leszek Gerwatowski (Aug 09)
  - Re: user flags in public temp space (was Re: chflags() [heads up]) Strange (Aug 05)
- Re: user flags in public temp space (was Re: chflags() [heads up]) sirsyko () TEMP ISHIBOO COM (Aug 05)

(Thread continues...)