Diff: PerUserTempDirs

Differences between version 10 and predecessor to the previous major change of PerUserTempDirs.


Newer page: version 10 Last edited on Tuesday, November 16, 2004 6:26:33 pm by AristotlePagaltzis
Older page: version 8 Last edited on Tuesday, November 16, 2004 1:24:52 pm by PhilMurray
@@ -35,7 +35,31 @@
  
 Alternatively the first script can be placed in /etc/profile.d/ and the .bash_logout script can be ignored and the directories can be removed regularly from cron if necessary. 
  
 Ideally Linux could transparently produce a unique /tmp/ for each $USER on the system, but that would break LinuxStandardsBase compiliance and many applications. 
+  
+----  
+  
+No no no no. Don't have the users fiddling things. That's prone to problems, since you need to grant them permissions to be able to do that. The right way is to have the Hand Of God set things up for the users in a directory structure they have no permissions in. Basic setup:  
+  
+ mkdir -m 711 /tmp-safe /tmp-safe/user  
+ mkdir -m 1777 /tmp-safe/global  
+ chown root.root /tmp-safe /tmp-safe/user /tmp-safe/global  
+ ln -s /tmp /tmp-safe/global  
+  
+Now once you have that in place, invoke the following script instead of login(1):  
+  
+ #!/bin/sh  
+ # FIXME: assumes $1 == username, but login(1) takes options, so parse with getopts  
+ mkdir -m 700 /tmp-safe/user/"$1" /tmp/"$1"  
+ chown "$1": /tmp-safe/user/"$1" /tmp/"$1"  
+ mount --bind /tmp-safe/user/"$1" /tmp/"$1" || exit 1  
+ exec /bin/login "$@"  
+  
+Now /tmp and /tmp/$USER have nothing whatsoever to do with each other, and since the latter is merely a mountpoint, whatever permissions a preexisting directory at that location might have had doesn't matter in the slightest. You can have a process cd'ed to /tmp/$USER sitting in the background as long as the user is logged in. If unmounting the bind succeeds, you can delete /tmp-safe/user/$USER  
+  
+Personally I might leave out the /tmp/$USER thing entirely and just point TMPDIR to /tmp-safe/user/$USER. (Do the simplest thing that could possibly work.) You'll have to have cron periodically vacuum the place then of course.  
+  
+--AristotlePagaltzis  
  
 ---- 
 CategorySecurity
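Review bot: the `mkdir -m 700 /tmp-safe/user/"$1" /tmp/"$1"` line in the login wrapper has no exit-status check, unlike the `mount --bind` line below it, so when `/tmp/"$1"` already exists the script carries on and runs `chown "$1": ... /tmp/"$1"` against it; because /tmp is 1777, any local account can have created that entry beforehand, and plain chown follows a symlink, so the check is what keeps the chown confined to a directory the wrapper itself just made. Suggest `mkdir ... || exit 1` (and ideally creating the mountpoint under a root-owned, non-world-writable path such as the /tmp-safe tree), plus a `mountpoint`/existing-mount check so a second login by the same user does not fail the mkdir and stack another bind mount. Separately, `ln -s /tmp /tmp-safe/global` runs after /tmp-safe/global has been created as a directory, so it produces /tmp-safe/global/tmp -> /tmp rather than aliasing the two locations; the intended direction of that link should be stated.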