Matthew Winn wrote:
> On Sun, 20 Jul 2008 00:44:48 +1000, Ben Schmidt
> <[EMAIL PROTECTED]> wrote:
> 
>> As has been pointed out, making a directory in /tmp is more secure. More
>> specifically, making a directory and putting a file in it (there is a
>> race condition there, of course...but checking/setting the mode can
>> ensure security, I think). The directory can't be deleted and replaced
>> unless empty, and can't be emptied if not writable.
> 
> On Unix directories can be deleted when not empty. I've done it by
> accident.

Mmm. I think I have too, now you mention it. But I think I perhaps
thought that they could be moved but not fully deleted. Of course, it
depends on the filesystem as well as the OS.

> So long as there's a process with the directory as its
> current directory the directory remains there, although the absence
> of a ".." link breaks many commands that expect a sensible filesystem
> structure. It's inadvisable to do it, however, and fsck usually has
> a few comments to make about the situation.
> 
> For security you need to set umask to 077, find a directory that has
> the sticky bit set, ensure that all ancestors of that directory are
> unwriteable by general users, create your own temporary directory,
> and then create your files in that directory.

Mmm. So we're back where we started: if the system is properly
configured/administered, it's good. If it isn't, it's bad.

>> One regular annoyance I have is that my system periodically cleans up
>> /tmp and removes Vim's temp directories, and since a long-running Vim
>> process created the directory, it assumes it's there and doesn't
>> recreate it but just gives errors.
> 
> Shouldn't it only clear out things that haven't been used for a while?

It quite possibly does, in line with Gary's explanation. It is often
about 5 days between my uses of temp files in one particular Vim session
where it happens regularly.

Cheers,

Ben.



--~--~---------~--~----~------------~-------~--~----~
You received this message from the "vim_dev" maillist.
For more information, visit http://www.vim.org/maillist.php
-~----------~----~----~----~------~----~------~--~---
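The procedure Matthew describes (umask 077, a sticky-bit base directory, ancestors that general users cannot write to, a private directory, files inside it) and Ben's remark about checking the mode afterwards can be carried out and verified in code. The following is an added example written for this page, not code from the thread or from Vim; the `stop_at` argument, which bounds how far up the ancestor walk goes, is an assumption of this example, and the directories created in the `__main__` block are constructed for illustration.

```python
import os
import stat
import tempfile


def has_sticky_bit(path):
    """True if `path` is a directory with the sticky bit set (e.g. /tmp with mode 1777).
    Uses lstat so a symlink planted at `path` is not followed and does not pass."""
    st = os.lstat(path)
    return stat.S_ISDIR(st.st_mode) and bool(st.st_mode & stat.S_ISVTX)


def unsafe_ancestors(path, stop_at="/"):
    """Walk from `path` up to `stop_at` (inclusive; assumed trust boundary) and
    report every directory that group or others may write to without the sticky
    bit.  Such a directory lets another local user rename or remove a component
    of our path, which is exactly what the sticky bit on /tmp prevents."""
    current = os.path.realpath(path)
    stop_at = os.path.realpath(stop_at)
    findings = []
    while True:
        st = os.lstat(current)
        if not stat.S_ISDIR(st.st_mode):
            raise NotADirectoryError(current)
        writable_by_others = st.st_mode & (stat.S_IWGRP | stat.S_IWOTH)
        if writable_by_others and not (st.st_mode & stat.S_ISVTX):
            findings.append(current)
        parent = os.path.dirname(current)
        if current == stop_at or parent == current:
            break
        current = parent
    return findings


def make_private_tmpdir(base, stop_at="/"):
    """Create a private (0700) directory under a sticky-bit `base` and verify it.
    Raises PermissionError when the environment does not meet the conditions."""
    if not has_sticky_bit(base):
        raise PermissionError(f"{base}: no sticky bit, others could remove our directory")
    bad = unsafe_ancestors(base, stop_at)
    if bad:
        raise PermissionError(f"ancestors writable by others without sticky bit: {bad}")

    old_umask = os.umask(0o077)          # nothing we create is group/other readable
    try:
        tmpdir = tempfile.mkdtemp(dir=base)  # mkdir(2) with mode 0700, name is random
    finally:
        os.umask(old_umask)

    # Re-check what we actually got rather than assuming: still a directory (not a
    # symlink swapped in), owned by us, and only the owner bits set.  Setgid can
    # be inherited from the parent on some filesystems, so compare the 0777 part.
    st = os.lstat(tmpdir)
    if not stat.S_ISDIR(st.st_mode) or st.st_uid != os.geteuid():
        raise PermissionError(f"{tmpdir}: unexpected owner or type")
    if stat.S_IMODE(st.st_mode) & 0o777 != 0o700:
        raise PermissionError(f"{tmpdir}: unexpected mode {oct(st.st_mode)}")
    return tmpdir


def create_private_file(tmpdir, name, data=b""):
    """Create `name` inside our private directory.  O_EXCL fails if something
    already sits there, O_NOFOLLOW refuses to follow a symlink at that name."""
    path = os.path.join(tmpdir, name)
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | os.O_NOFOLLOW
    fd = os.open(path, flags, 0o600)
    try:
        os.write(fd, data)
    finally:
        os.close(fd)
    return path


if __name__ == "__main__":
    # Constructed demonstration base: a fresh directory given mode 1777 to mimic /tmp.
    base = tempfile.mkdtemp()
    os.chmod(base, 0o1777)
    private = make_private_tmpdir(base, stop_at=base)
    swap = create_private_file(private, "example.swp", b"constructed sample data")
    print(private, oct(os.lstat(private).st_mode & 0o777))
    print(swap, oct(os.lstat(swap).st_mode & 0o777))
```

Using the real `/tmp` means calling `make_private_tmpdir("/tmp")` with the default `stop_at="/"`, which checks `/tmp` itself and every ancestor up to the root. The ancestor check only reports directories that are world- or group-writable *and* lack the sticky bit; `/tmp` at 1777 passes, a misconfigured 0777 directory does not.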