Darren J Moffat wrote:
> Casper.Dik at Sun.COM wrote:
> >>> Since I do this myself in my own .profile I feel duty bound to stand up
> >>> to the plate and by your sponsor for this.  So sign me up for putback
> >>> sponsor and I'll be ARC case submitter too.
> >>>
> >> Good idea (I use this myself :-)).  Should the directory be created
> >> 700 by default?
> >
> > There's a risk in setting $TMPDIR and making it mode 700; the risk
> > is that programs started under a different uid may start to fail.
> 
> pkgadd is one of those programs.
> 
> > But it should either by mode 1777 (to mitigate that risk) or 700
> > for privacy.
> 
> Or honour the umask ?

Please "no" (default should be identical to the default mode of "/tmp").
Users who wish to do that can simply use "chmod" in their ~/.profile
(AFAIK there isn't an exploitable gap because users already own the dir
on creation).

----

bye,
Roland

P.S.: Reply-To: set to shell-discuss at opensolaris.org

-- 
  __ .  . __
 (o.\ \/ /.o) roland.mainz at nrubsig.org
  \__\/\/__/  MPEG specialist, C&&JAVA&&Sun&&Unix programmer
  /O /==\ O\  TEL +49 641 7950090
 (;O/ \/ \O;)

Reply via email to