On Sun, Nov 13, 2022 at 04:16:29PM +0100, Marco d'Itri wrote:
> And I think that it would be wrong to have dpkg generally unset $TMPDIR,
> because if root sets it then it would be reasonable to expect that also
> dpkg and the maintainer scripts use it (as long as they are not dropping
> privileges).

This seems inconsistent to me. Where is the expectation that TMPDIR must be unset if dropping privileges coming from? Obviously for users of libpam-tmpdir that's a problem. But in the default case, it's something that would be entirely reasonable to inherit through a drop of privileges, for the same reason that I think you find that setting TMPDIR for maintainer scripts to use would be useful.