Subject: Re: Per-user temp storage
To: None <explorer@flame.org>
From: Perry E. Metzger <perry@piermont.com>
List: tech-security
Date: 02/24/1997 10:06:20
explorer@flame.org writes:
> With the popularity of race conditions involving /tmp and such, would
> the idea of a per-user temporary storage space be helpful?
> 
> I was thinking of modifying the memory filesystem to do some magic
> based on the user using /tmp.

Why not just do /tmp/user?

> Root would have full access to tmp, via /tmp/all/
> Any user can put things in /tmp/common/ which would be "shared" just like
> /tmp is now.

I think the shared part is a problem with the current scheme, actually...

With a /tmp/user owned by the user (maybe automagically created on
demand, maybe not) at the very least, you could have the cleaner
programs su to the user before traversing the particular user's tmp
directory for cleaning. No fuss, no security troubles.

At boot time (when you aren't multiuser) it remains fairly safe to
simply nuke everything in /tmp. During nightly cleanout, you know who
is supposed to own every /tmp/* directory, so...

> Accessing simply /tmp would make a special location just for that user,
> where files placed there are not accessible by the other users.

Why do this? It eliminates several of the valuable uses of /tmp.

> Has anyone tried something like this, or will this break too many things?

It will probably break a lot.

> If one was clever /tmp could even automatically expire based on userid
> and last access time, perhaps.

I don't see that we want all that complexity in the kernel. HOWEVER,
eliminating a common /tmp would be a Very Good Thing.

Perry
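The per-user /tmp layout discussed in the message above, as an added C example that is not from the original thread and not NetBSD code: it creates and verifies a private /tmp/<user> directory (lstat, so a planted symlink is refused; ownership and mode are checked), opens files inside it with O_EXCL|O_NOFOLLOW, and runs a cleaner that becomes the directory's owner before traversing, which is the "su to the user before cleaning" step. The base directory (created with mkdtemp in the current directory to stand in for /tmp), the user names alice and bob, the file name job.1 and all function names are assumptions made for the illustration.

```c
#define _GNU_SOURCE
#include <dirent.h>
#include <errno.h>
#include <fcntl.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <time.h>
#include <unistd.h>

/* 0 if `path` is a real directory (lstat, so a symlink is rejected), owned by
 * `uid`, and not writable by group/other; otherwise -1.  This is the check a
 * per-user /tmp/<user> has to pass before anything is created inside it. */
int check_private_dir(const char *path, uid_t uid)
{
    struct stat st;
    if (lstat(path, &st) != 0) return -1;
    if (!S_ISDIR(st.st_mode)) return -1;             /* symlink, file, ... */
    if (st.st_uid != uid) return -1;                 /* someone else's dir */
    if (st.st_mode & (S_IWGRP | S_IWOTH)) return -1; /* others could plant names */
    return 0;
}

/* Create base/<name> as 0700 for the calling user.  An existing entry is
 * accepted only if it passes check_private_dir, so a symlink or a directory
 * pre-created by another user under that name is refused rather than used. */
int ensure_private_dir(const char *base, const char *name, char *out, size_t outlen)
{
    if (snprintf(out, outlen, "%s/%s", base, name) >= (int)outlen) return -1;
    if (mkdir(out, 0700) != 0 && errno != EEXIST) return -1;
    return check_private_dir(out, getuid());
}

/* Open a new file inside the private dir.  O_EXCL|O_NOFOLLOW turns a
 * pre-planted name or symlink into an error instead of something to follow. */
int open_private_tmp(const char *dir, const char *name)
{
    char path[PATH_MAX];
    if (snprintf(path, sizeof path, "%s/%s", dir, name) >= (int)sizeof path) return -1;
    return open(path, O_RDWR | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

/* Cleaner: fork, become the directory's owner (setgid, then setuid), and only
 * then walk the directory, unlinking regular files not modified since `cutoff`.
 * Run as root this is the "su to the user before traversing" step; run as the
 * user it simply stays the user.  Returns files removed (max 254) or -1. */
int clean_dir_as_owner(const char *dir, time_t cutoff)
{
    struct stat st;
    if (lstat(dir, &st) != 0 || !S_ISDIR(st.st_mode)) return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        if (st.st_gid != getegid() && setgid(st.st_gid) != 0) _exit(255);
        if (st.st_uid != geteuid() && setuid(st.st_uid) != 0) _exit(255);
        int dfd = open(dir, O_RDONLY | O_DIRECTORY | O_NOFOLLOW);
        DIR *d = dfd < 0 ? NULL : fdopendir(dfd);
        if (!d) _exit(255);
        int removed = 0;
        struct dirent *e;
        while ((e = readdir(d)) != NULL) {
            struct stat es;
            if (strcmp(e->d_name, ".") == 0 || strcmp(e->d_name, "..") == 0) continue;
            if (fstatat(dfd, e->d_name, &es, AT_SYMLINK_NOFOLLOW) != 0) continue;
            if (S_ISREG(es.st_mode) && es.st_mtime < cutoff &&
                unlinkat(dfd, e->d_name, 0) == 0 && removed < 254)
                removed++;
        }
        closedir(d);
        _exit(removed);
    }
    int status;
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status)) return -1;
    return WEXITSTATUS(status) == 255 ? -1 : WEXITSTATUS(status);
}

/* Constructed scenario: a mkdtemp directory in the cwd stands in for /tmp.
 * Returns 0 when every step behaved as expected, else the failing step. */
int run_demo(void)
{
    char base[] = "./pertmp-XXXXXX", dir[PATH_MAX], link[PATH_MAX];
    if (mkdtemp(base) == NULL) return 1;
    /* 1. our own /tmp/<user> is created and passes the checks */
    if (ensure_private_dir(base, "alice", dir, sizeof dir) != 0) return 2;
    /* 2. first create succeeds; a second create of the same name must fail */
    int fd = open_private_tmp(dir, "job.1");
    if (fd < 0) return 3;
    close(fd);
    if (open_private_tmp(dir, "job.1") != -1 || errno != EEXIST) return 4;
    /* 3. an attacker plants a symlink where /tmp/bob would be created */
    snprintf(link, sizeof link, "%s/bob", base);
    if (symlink("/", link) != 0) return 5;
    if (ensure_private_dir(base, "bob", dir, sizeof dir) != -1) return 6;
    /* 4. the cleaner, running as the owner, removes the stale file */
    snprintf(dir, sizeof dir, "%s/alice", base);
    if (clean_dir_as_owner(dir, time(NULL) + 3600) != 1) return 7;
    unlink(link); rmdir(dir); rmdir(base);
    return 0;
}
```

The cleaner deliberately never walks a directory as root: even with the ownership check, an unprivileged owner can swap entries while the traversal is running, and after setuid the worst a race can do is affect that user's own files.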