[alexandria-devel] Proposed addition of temporary file creation utilities

Daniel Herring dherring at tentpost.com
Thu Apr 26 00:47:19 UTC 2012


On Wed, 25 Apr 2012, Hans Hübner wrote:
> Windows and OSX do better than Unix by default in that they have user
> specific temporary directories, and this is all that we're discussing
> anyway.  The only isolation that one can hope to have is on a per-user
> level, i.e. one may want to prevent that a process running under a
> some user ID can access a (temporary or non-temporary) file created by
> a process running under a different user ID.  By making the
> user-specific temporary directories inaccessible to other user IDs,
> this goal is neatly achieved.

What you describe is very similar to the mktemp command on most linux 
systems.  Use the TMPDIR environment variable, create a directory, etc.

http://www.mktemp.org/manual.html
http://www.gnu.org/software/coreutils/manual/html_node/mktemp-invocation.html

http://en.wikipedia.org/wiki/TMPDIR


Whether these directories are somewhere in a home directory or collected 
under /tmp is irrelevant to security -- permissions in either place can be 
toggled.  Collecting them under /tmp is convenient if "root" wants to blow 
them all away at once, and many systems are set up to automate such 
cleanup.

- Daniel


More information about the alexandria-devel mailing list