On Sat, Aug 29, 2015 at 07:48:05PM +0200, Tollef Fog Heen wrote:
> ]] Axel Beckert
>
> > Because APT 1.1~exp* uses an unprivileged user named _apt for
> > downloads if running under root privileges.
>
> You can't generally use $TMPDIR for inter-user IPC, so in that case,
> create an IPC directory in a well-known location and use that instead.
>
> I don't think this is a bug in libpam-tmpdir at all.

I tend to agree. Any process crossing privilege boundaries (up or down) should sanitize the environment, and TMPDIR would be part of that for this very reason.

--
brian m. carlson / brian with sandals: Houston, Texas, US
+1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion only
OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187
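The environment sanitizing discussed in this thread, as an added example that is not part of the original messages and is not APT's or libpam-tmpdir's code: a parent running as root builds an allowlisted environment for a child that will run as another user, so the caller's per-user TMPDIR is never inherited. The function name, the allowlist, the fixed PATH and the sample values are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Assumed allowlist for this example: names that are safe to pass through. */
static const char *const KEEP[] = { "LANG", "LC_ALL", "TZ" };

/* Return 1 if the entry "NAME=value" has a name on the allowlist. */
static int allowed(const char *entry)
{
    const char *eq = strchr(entry, '=');
    if (eq == NULL || eq == entry)
        return 0;                          /* malformed entry: drop it */
    size_t n = (size_t)(eq - entry);
    for (size_t i = 0; i < sizeof KEEP / sizeof KEEP[0]; i++)
        if (strlen(KEEP[i]) == n && strncmp(entry, KEEP[i], n) == 0)
            return 1;
    return 0;
}

/*
 * Build the environment for a child that will run as a different user.
 * Nothing is inherited by default: TMPDIR, TMP, HOME, LD_* and the caller's
 * PATH are dropped, PATH is set to a fixed value, and TMPDIR stays unset so
 * the child falls back to the system default temporary directory.
 * Returns the number of entries written (without the NULL), or -1 if out
 * is too small.
 */
int sanitize_env(char *const in[], const char *out[], size_t cap)
{
    size_t n = 0;
    if (cap < 2) return -1;
    out[n++] = "PATH=/usr/sbin:/usr/bin:/sbin:/bin";
    for (size_t i = 0; in[i] != NULL; i++) {
        if (!allowed(in[i])) continue;
        if (n + 1 >= cap) return -1;       /* keep room for the terminator */
        out[n++] = in[i];
    }
    out[n] = NULL;
    return (int)n;
}

int main(void)
{
    /* Constructed sample: a root session with a private per-user TMPDIR. */
    char *in[] = { "TMPDIR=/tmp/user/0", "LANG=C.UTF-8", "LD_PRELOAD=/x.so", NULL };
    const char *out[8];
    int n = sanitize_env(in, out, 8);
    for (int i = 0; i < n; i++) puts(out[i]);
    return n < 0;
}
```

The resulting array is what the parent would hand to execve() after changing to the unprivileged uid and gid.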