[Piuparts-devel] tmpdir defaults
Holger Levsen
holger at layer-acht.org
Mon Jun 25 19:24:05 UTC 2012
Hi,
On Montag, 25. Juni 2012, Andreas Beckmann wrote:
> what's a reasonable default for the tmpdir setting for piuparts-slave?
/var/tmp/piuparts (or /var/tmp/piuparts/slave ?
> Creating a subdir with a deterministic name in $TMPDIR is also no safe
> solution.
chown root /var/tmp/piuparts
chmod 700 /var/tmp/piuparts/
and then it's secure, because you will need to be root to exploit it and when
you're root you can equally directly do the evil you intend to do.
cheers,
Holger
More information about the Piuparts-devel
mailing list