Differences between version 10 and previous revision of PerUserTempDirs.
Newer page: version 10, last edited on Tuesday, November 16, 2004 6:26:33 pm by AristotlePagaltzis
Older page: version 9, last edited on Tuesday, November 16, 2004 6:11:51 pm by AristotlePagaltzis
@@ -54,12 +54,12 @@
chown "$1": /tmp-safe/user/"$1" /tmp/"$1"
mount --bind /tmp-safe/user/"$1" /tmp/"$1" || exit 1
exec /bin/login "$@"
-Now /tmp and /tmp/$USER have nothing whatsoever to do with each other, and since the latter is merely a mountpoint, whatever permissions a preexisting directory at that location might have had doesn't matter in the slightest. Though personally I
'd leave out the
/tmp/$USER thing entirely and just point TMPDIR to
/tmp-safe/user/$USER. (Do the simplest thing that could possibly work.)
+Now /tmp and /tmp/$USER have nothing whatsoever to do with each other, and since the latter is merely a mountpoint, whatever permissions a preexisting directory at that location might have had doesn't matter in the slightest. You can have a process cd
'ed to
/tmp/$USER sitting in the background as long as the user is logged in. If unmounting the bind succeeds, you can delete
/tmp-safe/user/$USER
-You'll have to have cron periodically vacuum the place of course.
+Personally I might leave out the /tmp/$USER thing entirely and just point TMPDIR to /tmp-safe/user/$USER. (Do the simplest thing that could possibly work.)
You'll have to have cron periodically vacuum the place then
of course.
--AristotlePagaltzis
----
CategorySecurity
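Review bot: The added cleanup text ("You can have a process cd'ed to /tmp/$USER sitting in the background ... If unmounting the bind succeeds, you can delete /tmp-safe/user/$USER") leaves two things implicit: why the background process matters, and what attempts the unmount. Suggest stating that the process keeps the bind mount busy, so the unmount fails for as long as the user is logged in, and that a successful unmount is therefore the signal that the directory can be removed. The text should also name what runs that unmount attempt, for example the cron job mentioned at the end. The new sentence also lacks a closing period. With the reordering, "vacuum the place then of course" now ties the cron job only to the TMPDIR-only variant, so it is worth saying whether the bind-mount variant needs it too. Separately, in the unchanged context lines, the chown has no failure check while the mount has "|| exit 1", and it is applied to /tmp/"$1" before the bind mount is in place, so it acts on whatever already exists at that path; consider checking its exit status and applying ownership only to the /tmp-safe path.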