On Wed, 13 Sep 2000 13:08:24 -0700, Carl Ollivier-Gooch wrote:
>> > And security/privacy means always security/privacy to be enforced by
>> > default, unless somebody who knows what he is doing decides against
>> > them. (Most commercial Linux distributions entirely would disagree; but
>> > they are biased, because they must survive in M$ biotopes! ;-< And this
>> > is not at all meant pejoratively!)
>> >
>>
>> well I think if someone is writing sensitive information in a multi-user
>> environment, they'd better know about this anyway. It would be up to the
>> system administrator to set a global umask or whatever otherwise ...
Life tells us you never knew beforehand something was sensitive,
eventually.
>> > So the default as well as the fallback should be some ~/.lyx/tmp/
>> > directory. This would leave behind tmp files in case of a LyX crash,
>> > which is only a good thing, isn't it?
>> well, I have a feeling this would bring many complaints from university
>> students with small quotas and large reports ;) yes, it would be
>> configurable, but I think /tmp is a reasonable default (I agree that
>> this world-writable directory thing was always a bad idea though)
>
>Why not set up the /tmp/lyx_... directory itself as mode 700? Shouldn't
>this take care of the issue at hand?
hmm...
CHMOD(2) FreeBSD System Calls Manual
NAME
chmod, fchmod, lchmod - change mode of file
SYNOPSIS
#include <sys/stat.h>
int
chmod(const char *path, mode_t mode)
[...]
DESCRIPTION
The file permission bits of the file name specified by path or
refer-
enced by the file descriptor fd are changed to mode. The chmod()
function
verifies that the process owner (user) either owns the file
specified by
path (or fd), or is the super-user. [...]
While a LyX-user is unlikely to be the owner of /tmp he would be the
owner of self-created sub-directories. So I think this is a good
idea...
Arnd
