stgraber also suggested in IRC that /tmp may not be a good idea since that's tmpfs backed and possibly limited in size. The base directory is configurable in /etc/system-image/client.ini but maybe /var/tmp/system-image would be a better default base dir. It would have to be made writable though.

I suggest using tempfile.mkdtemp() to provide a secure unpredictable temporary directory inside that basedir for a download session. One implication of this though is that if the s-i-dbus process exits, it really should clean up this temporary, er temporary directory. Which means that once it exits, the downloaded files will be discarded. So if, as in LP: #1236818, you start the download, but leave your phone unattended for long enough, s-i-dbus will exit and you'll have to restart the whole process again. Or, I suppose, that temporary temporary directory could be cleaned up only prior to apply-and-reboot, and if the process exits due to timing out, we'd have to persist the fact that that tempdir was created. I'll leave that to LP: #1236818.

** Changed in: ubuntu-system-image
       Status: Triaged => In Progress

** Changed in: ubuntu-system-image
    Milestone: None => 1.9

** Changed in: system-image (Ubuntu)
       Status: New => In Progress

--
https://bugs.launchpad.net/bugs/1235975

Title:
  Unsafe file and directory permissions
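
A sketch of the per-session directory approach discussed in the comment above, added here as an example and not taken from the bug report or the system-image code base. The function names, the `download-` prefix and the base-directory checks are assumptions made for illustration.

```python
import atexit
import os
import shutil
import stat
import tempfile


def check_base_dir(base):
    """Refuse a base directory that another local user could tamper with."""
    st = os.lstat(base)  # lstat: do not follow a symlink planted at `base`
    if not stat.S_ISDIR(st.st_mode):
        raise PermissionError(f"{base} is not a real directory")
    if st.st_uid != os.geteuid():
        raise PermissionError(f"{base} is not owned by this process")
    if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        raise PermissionError(f"{base} is group- or world-writable")


def open_session_dir(base, cleanup_on_exit=True):
    """Create an unpredictable, owner-only download directory under `base`."""
    check_base_dir(base)
    # mkdtemp creates the directory with mode 0700 and a random name, and
    # fails rather than reusing a path that already exists.
    session = tempfile.mkdtemp(prefix="download-", dir=base)
    if cleanup_on_exit:
        # Discards the downloaded files when the process exits normally.
        atexit.register(shutil.rmtree, session, ignore_errors=True)
    return session


if __name__ == "__main__":
    # Constructed demo: a private directory stands in for the configured base.
    base = tempfile.mkdtemp()
    session = open_session_dir(base)
    print(session, oct(stat.S_IMODE(os.stat(session).st_mode)))
```

Passing `cleanup_on_exit=False` corresponds to the alternative raised in the comment, where the directory survives a timeout exit and the caller has to record its path for later cleanup.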