On Fri, Jul 14, 2023 at 12:29:26PM +0200, Laszlo Ersek wrote:
> On 7/14/23 11:42, Richard W.M. Jones wrote:
> > On Thu, Jul 13, 2023 at 07:10:49PM +0200, Laszlo Ersek wrote:
> >> There's another reason for separating sockdir from tmpdir, beyond "shorter
> >> pathnames needed": permissions. For
On 7/14/23 11:42, Richard W.M. Jones wrote:
> On Thu, Jul 13, 2023 at 07:10:49PM +0200, Laszlo Ersek wrote:
>> There's another reason for separating sockdir from tmpdir, beyond "shorter
>> pathnames needed": permissions. For example, passt drops privileges such
>> that it cannot access "/tmp", and
On Thu, Jul 13, 2023 at 07:10:49PM +0200, Laszlo Ersek wrote:
> There's another reason for separating sockdir from tmpdir, beyond "shorter
> pathnames needed": permissions. For example, passt drops privileges such
> that it cannot access "/tmp", and that restricts both the unix domain
> socket and
There's another reason for separating sockdir from tmpdir, beyond "shorter
pathnames needed": permissions. For example, passt drops privileges such
that it cannot access "/tmp", and that restricts both the unix domain
socket and the PID file of passt.
Bugzilla:
