Klaus Ethgen <[EMAIL PROTECTED]> wrote: > Am Fr den 4. Nov 2005 um 5:16 schrieb Noah Meyerhans: >> Within the security team, there has recently been some talk of pushing >> for per-user temp directories by default in etch. I'd like to see what > > That whould be no good idea for security environment where you do > special think to secure /tmp (make it in memory and encrypt swap). With > tempdir in users home all applications like for example gpg write > temporary files to this location which ends up unencrypted on a disk or, > more bad over an unsecure NFS share to the fileserver.
What do the security people mean with per-user temp directories? It's clear that $HOME/tmp would be bad, but /tmp/$USERNAME/ with proper permissions doesn't sound so awkward. Regards, Frank -- Frank Küster Inst. f. Biochemie der Univ. Zürich Debian Developer
