Nix wrote:
On 4 Oct 2005, Bodo Eggert stated:
BTW: YANI: That about a tmpfs where all-numerical entries can only be
created by the corresponding UID? This would provide a secure, private
tmp directory to each user without the possibility of races and denial-of-
service attacks. Maybe it should be controlled by a mount flag.
Wouldn't it be less kludgy to just use the existing private namespace
stuff to provide each user with its own /tmp? (Or each user's session,
rather, which is probably much easier, as that corresponds precisely to
one process tree).
If you were going to do it right here's what you would do:
People who had files in /tmp would have no rights at all to other users
/tmp files.
Listing the dirtectory would only display the files you had some access
to. If you have no rights you don't even see that the file is there.
The effect would be like giving people their own tmp directories.
--
Marc Perkel - [email protected]
Spam Filter: http://www.junkemailfilter.com
My Blog: http://marc.perkel.com
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
