On Saturday, 1 October 2016 at 19:51:05 UTC, Dicebot wrote:
> I think that is OK but only if actual file inside the dir is created with `mktemp --tmpdir=/tmp/.dmd-test-run/` (or using a similar technique).
This is not sufficient. Any user can create a symlink from /tmp/.dmd-test-run/ to e.g. /very/private/root/directory/ (that user can't access it, but symlinks don't check the permission of the target). Executed as root user, mktemp then creates a unique file in /very/private/root/directory/. Which can be used for example to litter a filesystem, which hurts performance or fills disks.
That's why I was saying /tmp/.dmd-test-run/ should have permissions 0700. I think a better naming scheme would be /tmp/dmd-testrun-username/, or if that already exists with wrong permissions /tmp/dmd-testrun-username-RANDOMCHARS/. The files inside that directory don't need to have random names (afaik).
> It seems like more practical issue is simply that no regular destruction of /tmp/ happens on your system.
I'm not sure what you were implying by this. Deleting anything in /tmp while it's mounted is a very bad idea. The permission-check of /tmp/dmd-testrun-username/ relies on the fact that the directory won't be deleted. If it will, then this introduces a race condition.
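As an added example (not code from this thread or from the dmd test suite), the scheme described above can be written as a POSIX shell function: try to create /tmp/dmd-testrun-username with mode 0700 atomically; if something is already there, accept it only when it is a real directory (not a symlink) owned by the caller with mode exactly 0700; otherwise fall back to `mktemp -d` with a random suffix. The function name, the use of `$TMPDIR` as the base, and the fallback naming pattern are assumptions for illustration.

```shell
#!/bin/sh
# Added example: per-user test-run directory under /tmp that does not follow a
# planted symlink. Name, TMPDIR handling and fallback pattern are assumptions.

secure_testrun_dir() {
    base="${TMPDIR:-/tmp}"
    me="$(id -un)"
    dir="$base/dmd-testrun-$me"

    # mkdir -m 0700 is atomic: it either creates the directory with the
    # requested mode or fails because something (possibly a symlink planted
    # by another user) already occupies the path.
    if mkdir -m 0700 "$dir" 2>/dev/null; then
        printf '%s\n' "$dir"
        return 0
    fi

    # Something exists there. Accept it only if it is a real directory
    # (find uses lstat by default, so a symlink never matches -type d),
    # owned by us, with mode exactly 0700.
    if [ -n "$(find "$dir" -maxdepth 0 -type d -user "$me" -perm 0700 2>/dev/null)" ]; then
        printf '%s\n' "$dir"
        return 0
    fi

    # Symlink, wrong owner or wrong mode: fall back to a random suffix,
    # which mktemp creates atomically with mode 0700.
    mktemp -d "$base/dmd-testrun-$me-XXXXXX"
}
```

The check only holds as long as nothing removes the directory between the check and its use, which is exactly the race the post warns about if /tmp/ is cleaned while mounted.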
