Re: user flags in public temp space (was Re: chflags() [heads up])

[dharple () MAIL COMMUNITYCONNECT COM (Doug Harple)]

On Sat, 7 Aug 1999, Darren Reed wrote:

> In some mail from Tim Fletcher, sie said:
> > > I think I defeated myself in trying to explain the implementation I was
> > > trying to describe.  For each user, when they login, a virtual /tmp is
> > > created and that is shared between all sessions that user has.  This is
> > > setup at login time and is carried forth to all children, root or not,
> > > and cannot be reset (somewhat akin to chroot) unless devious methods are
> > > employed (i.e. write to /dev/mem).
> > >
> > > So if I have 10 logins to host foo, each login sees the same /tmp, even
> > > the root shells I generate via su/sudo in half.  If I login as root, I
> > > don't have the same /tmp (I get a different one).  cron/at jobs would
> > > be no different.  So the `real' /tmp could even be 755 root.wheel.
> >
> > Although it does rather cripple /tmp in another way: That of sharing
> > information between users. If I tell another user that the file s/he wants
> > is in /tmp (as my /home/tim dir is 711 with most files 600) I don't have
> > to mess with file perms and s/he doesn't have to get the exact right name
> > to read the file.
>
> Why do they need to access your home dir ?  You're making assumptions
> which you probably shouldn't...

I think perhaps you misread what he was saying.  He's not saying that he
wants another user to have access to his /home dir.  He is, however,
saying that a common /tmp makes it possible for him to share files with
another user without compromising his own security.  If /tmp was assigned
on a per-user basis, he would be unable to use the /tmp directory in that
fashion.

---
Doug Harple / Community Connect
dharple () mail communityconnect com