On 12-10-17 10:19 AM, John Moser wrote: > Can we promote pam-tmpdir to main instead of universe for 13.04? It > seems to work pretty well now, and so I recommend activating it by > default early in the development cycle. Very early. Like first > change early: pam-tmpdir is part of the base system default install. > > The rationale for this is pam-tmpdir makes changes to $TMP and $TMPDIR > which affect application behavior. Non-conforming applications will > dump their temp files into /tmp anyway; conforming applications using > $TMP or $TMPDIR will put them in a user-specific directory. SOME > applications may break--they shouldn't, but GDM broke in 2004 so I > could see things breaking. > > Applications ceasing to function is what I'm interested in. Anything > that's built and tested that fails to run properly under pam-tmpdir. > > pam-tmpdir creates a root-owned directory /tmp/users with permissions > o=--x. Upon log-on, pam creates a directory /tmp/users/$UID/ owned by > the user and with permissions 700. That becomes $TMP and $TMPDIR, and > so most applications put their temporary files there. >
Now that we have symlink restrictions in Ubuntu, security issues with using the /tmp directory are greatly reduced. Since Quantal now sets $XDG_RUNTIME_DIR, apps should use it or one of the other $XDG_* locations to store temporary user data. If use of /tmp is still necessary, apps should simply assign appropriate permissions to the files they create in /tmp. Please file bugs on any app that doesn't currently do this properly. Marc. -- Marc Deslauriers Ubuntu Security Engineer | http://www.ubuntu.com/ Canonical Ltd. | http://www.canonical.com/ -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss