On Tue, Apr 07, 2020 at 09:37:02AM -0600, Theo de Raadt wrote: > > The idea was to have /var/www/tmp created by default, but with > > www:www ownership. > Create the directory. Now as a user, completely fill it.
The proposal is to create tmp with www:www ownership, writable only for that user, not like the old /var/tmp which was writable by anyone. Currently ports create per-application temp directories for this purpose when they get installed. I think this is fine and helps to keep unrelated things apart, so I don't see a reason to create a global 'www:www' tmp unless it helps ports sigificantly.
