2009/2/18 Joerg Barfurth <[email protected]> > The Loeki schrieb:
<<SNIP>> > > > My first question is whether it's a huge problem to relay >> KIOSK_DEFAULT_TMP_DIRS from "/tmp /var/tmp" to, say, "/tmp/SUNWkio >> /var/tmp/SUNWkio"? >> >> > First: If you do want to change this, please set KIOSK_TMP_DIRS in > /etc/opt/SUNWkio/kioskrc. Please note that even changes to kioskrc are > currently not supported and may be clobbered by installation of patches that > include the SUWNkior package. But it is much better than changing the code > in installed scripts. > Agree, thanks. > > Whether the change is a problem depends on what your session does. What > the temp dir cleanup should really do is prevent information leaks from one > kiosk session to a later one that reuses the same user account. > > If users of your kiosk session may explicitly or implicitly create and > subsequently reread temp files with non-trivial information, then that could > be a concern. If that is not the case for your kiosk sessions (the "Sun Ray > Windows Connector Kiosk" session probably qualifies), then you can change > the value to "/var/tmp/dummy" (just point to whatever empty directory). > I understand (and agree with) this fully, I meant more in the direction of "if I change this variable, is it safe to assume it gets picked up by the full Kiosk implementation? Or is it hardcoded somewhere else?" > > First of all, the cleanup scripts do a find across these tmp dirs, thereby >> seeking and parsing through /tmp/SUNWut, which, in our experience, can be >> pretty dangerous (and is next to useless anyway, as no kiosk cleanup script >> ought to do cleanup there). >> > > The basic kiosk subsystem is architecturally independent and agnostic of > Sun Ray. Thus it doesn't 'know' about /tmp/SUNWut. And arguably the data in > /tmp/SUNWut really doesn't belong into /tmp... > > That said, some problems with kiosk cleanup /tmp/SUNWut are well-known. If > you report and escalate your problem through your Sun support contact, that > may help make a fix happen. > Well, as far as we can tell at this point, it's pretty much safe (and advisable) to completely exclude it, since other stuff will and should deal with everything that goes on in there. The main reason for relocating the temp directories is so that we won't have to mess with the cleanup code. And whilst I agree with the dubiousness of the /tmp/SUNWut location, I think it's a lot easier to relocate the Kiosk tmps and/or exclude /tmp/SUNWut in the cleanups than to relocate /tmp/SUNWut ;-) > > Secondly I'd like to keep it separated from the 'main' tmp in order to >> keep things nice, clean, ordered and organised. >> > > The selection of /tmp and /var/tmp is motivated by the fact that these are > world writable, so in general kiosk users may leave files there either > accidentally (information leak) or on purpose (to affect subsequent > sessions). Cleaning that data is primarily motivated by security considerations. And if there are more world-writable directories > on your system, they should even be added. > > - Jörg > >
_______________________________________________ SunRay-Users mailing list [email protected] http://www.filibeto.org/mailman/listinfo/sunray-users
