Andre Poenitz wrote:
>
> > Is there any reason to even put them in /tmp to begin with? They belong
> > to the user, they should go somewhere under the user's home directory.
> > Putting them in /tmp is just asking for a security problem.
>
> No, /tmp is the place to put temporary files. Believe it or not, there
> are people with 10 MB quota out there... I know that proper security
> handling in /tmp *is* difficult, but it could be done. If you'd like to
> have your tempfiles in your /home, you can configure this already in
> lyxrc.
No, /tmp *used* to be the place to put temporary files. Nowadays most
people are starting to wake up the whole host of security issues this
creates and, thankfully, some of those are learning from the mistakes of
the past by looking for a way to avoid them in the future. I realise
there are people out there who run LyX with 10MB quotas but these, I'm
sure, are in the minority. The default should cater for both the
majority and the safe option (not necessarily in that order). Those few
who find that this option doesn't allow them to work within the
prescribed limits are the ones who should adjust by changing the
configuration. Safe handling of temporary files certainly can be done
(and should be done regardless of whether they may be publically
accessible or not) but a more sensible way would be to avoid the issue
altogether.
Regards,
Christian.
