On Wed, Aug 27, 2008 at 09:06:58AM +0200, Julien Valroff wrote:
> Do you suggest that using /var/run/rkhunter-debug is better
> than /tmp/rkhunter-debug.XXXXXXXX (created using mktemp)?

Yes - primarily from usability standpoint. This time, having a fixed
filename is better, and since rkhunter needs to be run as root anyway
(does it?), /var/run should do and be safe. However, if I am wrong in
my assumption that rkhunter requires root, then indeed /var/run is not
appropriate - and the mktemp approach makes sense.

> or is that still using mktemp to create a /var/run/rkhunter-debug.XXXXXX
> file?

No.

> Can you explain why it is more secure?

That was not the point I was making. Rather, the point was/is that
mktemp is normally used for program-internal and truly temporary files,
and this time we have a file that is meant to be accessed by a human
user - so a fixed filename in a directory only writable by root may be
more appropriate. However, once again, if rkhunter may reasonably be
run by non-root (I just don't know, I've never used rkhunter), then
"mktemp -t ..." may be appropriate as it will retain that capability.

Alexander
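
Added example, not part of the message above and not rkhunter's own code: a shell sketch of the choice discussed in the thread, using the fixed name only when the caller is root and the directory really is writable by root alone, and falling back to "mktemp -t" otherwise. The function names pick_debug_file and fixed_dir_ok are hypothetical.

```shell
#!/bin/sh
# Added example. Function names are hypothetical, not rkhunter's.

# fixed_dir_ok DIR OWNER_UID
# True only if DIR is a directory owned by OWNER_UID that neither group
# nor others can write to. ls -L follows symlinks such as /var/run -> /run.
fixed_dir_ok() {
    fdo_info=$(ls -ldnL -- "$1" 2>/dev/null) || return 1
    fdo_perms=${fdo_info%% *}                       # e.g. drwxr-xr-x
    fdo_owner=$(printf '%s\n' "$fdo_info" | awk '{print $3}')
    case $fdo_perms in
        d????w*|d???????w*) return 1 ;;             # group- or world-writable
        d*) ;;                                      # directory, tight enough
        *) return 1 ;;                              # not a directory
    esac
    [ "$fdo_owner" = "$2" ]
}

# pick_debug_file UID DIR NAME
# Prints the path to use for the debug file:
#   - root + root-only DIR : fixed, predictable DIR/NAME (not created here;
#     no other user can pre-create or symlink it in such a directory)
#   - anything else        : a fresh file from "mktemp -t", created 0600
pick_debug_file() {
    if [ "$1" -eq 0 ] && fixed_dir_ok "$2" 0; then
        printf '%s\n' "$2/$3"
    else
        mktemp -t "$3.XXXXXXXX"
    fi
}

# Typical call:
#   debug_file=$(pick_debug_file "$(id -u)" /var/run rkhunter-debug)
```

A sticky world-writable directory such as /tmp fails the directory check, so a fixed name is never used there.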