Bill Sommerfeld wrote:

[Note: shell-discussion at opensolaris.org does not exist, setting CC: to shell-discuss at opensolaris.org]

>
> (note: I rearranged the subject line to make better use of limited
> space)
> > If the directory specified
> > by "/tmp/${LOGNAME}" does not exist "/etc/profile"&co. will be
> > responsible
> > for creating this directory with the same permissions as the current
> > "/tmp".
> > If the directory already exists "/etc/profile"&co. is responsible to check
> > whether the directory is owned by the current user (e.g.
> > $ /usr/bin/test -O dir #) and writeable (e.g. /usr/bin/test -w dir #),
> > if these conditions are not met TMPDIR will not be set.
>
> I think there's an error in this spec -- the way I read this, TMPDIR
> would never get set for any user other than root.

Erm, yes... the description is misleading. When I wrote 'creating this
directory with the same permissions as the current "/tmp"' I was thinking
about how the old (pre-SMF) scripts created the /tmp directory... I wasn't
thinking about something like a complex "copy mode+ACL" procedure.

Currently the code for our site looks more or less like this:
-- snip --
# set TMPDIR to /tmp/${LOGNAME}/
if [ "${LOGNAME}" != "" -a "${TMPDIR}" = "" ] ; then
    utmpdir="/tmp/${LOGNAME}"
    /usr/bin/mkdir -p -m 1777 "${utmpdir}"
    # we have to use /usr/bin/test because /sbin/sh is a bourne shell
    if /usr/bin/test -d "${utmpdir}" -a -O "${utmpdir}" ; then
        TMPDIR="${utmpdir}"
        export TMPDIR
    fi
    unset utmpdir
fi
-- snip --

> - file permissions include owner, group, mode, and acl.
> - by default, /tmp is owned by root, group root, mode 01777, no acl.
> - if the per-user subdir is created owned by root, then it would fail
> the "owned by the current user" test.
>
> I don't see the rationale, however, for making the per-user subdirs be
> mode 01777 ; 0700 or 0711 would make more sense.

The idea is to create something like a "per-user home dir for temporary
data" which works like the normal /tmp directory (think about really big
SunRay machines with many users or machines where many students
login/work/logout in one day... usually /tmp looks like a giant garbage
dump after one week and finding your own files becomes a challenge
(assuming you don't have any degree in informatics or voodoo magic)).
The idea was not to adjust the mode to increase security since this may
break some tools which expect that they can do a
$ cd "$TMPDIR" ; ls -l # (or similar code).

----

Bye,
Roland

--
  __ .  . __
 (o.\ \/ /.o) roland.mainz at nrubsig.org
  \__\/\/__/  MPEG specialist, C&&JAVA&&Sun&&Unix programmer
  /O /==\ O\  TEL +49 641 7950090
 (;O/ \/ \O;)
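
The owner and writability checks discussed in this thread, written as a POSIX shell function. This is an added example, not code from the message or from OpenSolaris; the function names, the mode parameter (default 0700, one of the values suggested in the quoted reply) and the name and symbolic-link checks are assumptions that go beyond the quoted spec.

```shell
#!/bin/sh
# Added example, not from the original message.
# user_tmpdir BASE NAME [MODE]
#   Prints BASE/NAME when it is acceptable as a per-user TMPDIR, otherwise
#   prints nothing and returns non-zero so the caller leaves TMPDIR unset.
#   BASE, NAME and MODE are parameters assumed by this example.
user_tmpdir() {
    base=$1 name=$2 mode=${3:-0700}
    # Refuse an empty name and names that would resolve outside BASE.
    case $name in
        ''|.|..|*/*) return 1 ;;
    esac
    dir=$base/$name
    # Create the directory if it is missing. Without -p an existing path
    # makes mkdir fail, and an existing directory keeps its current mode.
    mkdir -m "$mode" "$dir" 2>/dev/null || :
    # Beyond the spec: -d, -O and -w follow symbolic links, so reject one.
    if [ -L "$dir" ]; then
        return 1
    fi
    # The checks from the spec: a directory, owned by the current user, writable.
    [ -d "$dir" ] && [ -O "$dir" ] && [ -w "$dir" ] || return 1
    printf '%s\n' "$dir"
}

# set_user_tmpdir [BASE] [MODE]
#   Profile-style wrapper: keeps a TMPDIR that is already set, and exports
#   a new one only when every check in user_tmpdir passes.
set_user_tmpdir() {
    if [ -n "${TMPDIR:-}" ]; then
        return 0
    fi
    d=$(user_tmpdir "${1:-/tmp}" "${LOGNAME:-}" "${2:-0700}") || return 0
    TMPDIR=$d
    export TMPDIR
    unset d
}
```

Passing 1777 as the mode gives the behaviour of the site script above; the checks are the same for either mode.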