[alexandria-devel] Proposed addition of temporary file creation utilities
Daniel Herring
dherring at tentpost.com
Thu Apr 26 00:47:19 UTC 2012
On Wed, 25 Apr 2012, Hans Hübner wrote:
> Windows and OSX do better than Unix by default in that they have user
> specific temporary directories, and this is all that we're discussing
> anyway. The only isolation that one can hope to have is on a per-user
> level, i.e. one may want to prevent that a process running under a
> some user ID can access a (temporary or non-temporary) file created by
> a process running under a different user ID. By making the
> user-specific temporary directories inaccessible to other user IDs,
> this goal is neatly achieved.
What you describe is very similar to the mktemp command on most linux
systems. Use the TMPDIR environment variable, create a directory, etc.
http://www.mktemp.org/manual.html
http://www.gnu.org/software/coreutils/manual/html_node/mktemp-invocation.html
http://en.wikipedia.org/wiki/TMPDIR
Whether these directories are somewhere in a home directory or collected
under /tmp is irrelevant to security -- permissions in either place can be
toggled. Collecting them under /tmp is convenient if "root" wants to blow
them all away at once, and many systems are set up to automate such
cleanup.
- Daniel
More information about the alexandria-devel
mailing list