Mailinglist Archive: opensuse-factory (715 mails)

[Frederic Crozat <fcrozat@xxxxxxxx>]

Le mercredi 28 mars 2012 à 14:05 +0200, Ludwig Nussel a écrit :
> Richard Guenther wrote:
> > On Tue, 27 Mar 2012, Frederic Crozat wrote:
> > [...]
> > Btw, I see that TMPDIR is /tmp by default on 12.1.  GCC uses this
> > for all temporary files, for link-time optimizing firefox for
> > example you need about 4GB of storage in TMPDIR.
> >
> > Thus, consider that (apart from my own personal opinion that a
> > stateless /tmp is utterly stupid, a tmpfs /tmp is even more so).
> >
> > So, change TMPDIR to point to /var/tmp?  Which would of course
> > make /tmp quite useless.
>
> Independent of whether or not to use tmpfs for /tmp from security PoV it
> would be desirable to set TMPDIR to a per user directory rather than one
> global 1777 dir to avoid tmp races in sloppy programmed applications.

This is something we are doing at Mandrake / Mandriva for years (using
TMPDIR=$HOME/tmp), but it has also its set of issues :
- it didn't play nice at all with network mounted home 
- we had to patch some software (I remember gconf or ORBit) to make sure
they were still using a "always local" TMPDIR and not one which could be
shared across system.

One possibility could be to use /run/<user>/ hierarchy which is now
created by pam_systemd at login and erased at logout.

-- 
Frederic Crozat <fcrozat@xxxxxxxx>
SUSE

-- 
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-factory+owner@xxxxxxxxxxxx