Subject: Re: per-user /tmp
To: None <tech-security@netbsd.org>
From: Christian Biere <christianbiere@gmx.de>
List: tech-security
Date: 02/03/2007 19:34:57
Elad Efrat wrote:
> Index: login.c
> ===================================================================
> RCS file: /usr/cvs/src/usr.bin/login/login.c,v
> retrieving revision 1.94
> diff -u -p -r1.94 login.c
> --- login.c	17 Jan 2007 00:21:43 -0000	1.94
> +++ login.c	2 Feb 2007 06:22:14 -0000
> @@ -188,6 +188,7 @@ main(int argc, char *argv[])
>  #ifdef LOGIN_CAP
>  	char *shell = NULL;
>  	login_cap_t *lc = NULL;
> +	char *per_user_tmp;
>  #endif
>  
>  	tbuf[0] = '\0';
> @@ -596,6 +597,22 @@ main(int argc, char *argv[])
>  		environ = envinit;
>  
>  #ifdef LOGIN_CAP
> +	/* Create per-user temporary directories if needed. */
> +	per_user_tmp = login_getcapstr(lc, "per-user-tmp", NULL, NULL);
> +	if (per_user_tmp != NULL) {
> +		char *tmp_dir;
> +
> +		/* Ignore errors here. */
> +		if (asprintf(&tmp_dir, "%s/%u", per_user_tmp,
> +		    pwd->pw_uid) != -1) {
> +			(void)mkdir(tmp_dir, S_IRWXU);
> +			(void)chown(tmp_dir, pwd->pw_uid, pwd->pw_gid);
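
Review bot: the chown() on `(void)chown(tmp_dir, pwd->pw_uid, pwd->pw_gid);` is done by path and runs even when the mkdir() just above it failed, so if `%s/%u` already exists because someone else created it under a base directory they can write to, or is a symlink there (chown follows symlinks), login hands that object to the user logging in. Check the mkdir() result instead of discarding it, and replace the path-based chown with open(path, O_RDONLY|O_DIRECTORY|O_NOFOLLOW), fstat() to confirm a directory owned by root or by pw_uid, then fchown()/fchmod() on the descriptor; the "Ignore errors here" comment should go too, since an error in this step means the directory must not be used.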

Don't you want to do the open()/fstat()/fchown()/fchmod() dance here?
Maybe the login instead of the uid should be used? It's more readable
once on disk and you can have multiple logins with the same uid but
not vice-versa.

-- 
Christian
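The open()/fstat()/fchown()/fchmod() dance Christian refers to, written out as an added example for this thread (my code, not the patch's and not NetBSD's login.c): mkdir() is attempted, then every check and fix-up is done on an open descriptor so the path is never trusted a second time. make_per_user_tmp() and self_check() are my names; base stands for the per-user-tmp capability value, the uid is used as the directory name as in the patch, and self_check() builds its own scratch base under /tmp so it runs unprivileged.

```c
#define _XOPEN_SOURCE 700
#include <sys/stat.h>
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

/* Create base/<uid> if needed and verify it on an open descriptor, so a
 * symlink or a directory someone else planted at that name is refused
 * instead of being chown(2)ed by path. 0 = usable, -1 = do not use it. */
int make_per_user_tmp(const char *base, uid_t uid, gid_t gid)
{
	char path[1024];
	struct stat st;
	int fd, rv = -1;
	if (snprintf(path, sizeof path, "%s/%u", base, (unsigned)uid) >= (int)sizeof path)
		return -1;
	/* EEXIST alone is not fatal; the fstat checks below decide. */
	if (mkdir(path, S_IRWXU) == -1 && errno != EEXIST)
		return -1;
	/* O_NOFOLLOW refuses a symlink at this name, O_DIRECTORY a plain file. */
	if ((fd = open(path, O_RDONLY | O_DIRECTORY | O_NOFOLLOW)) == -1)
		return -1;
	/* Accept only what we created (root-owned when login runs) or what is
	 * already the user's; then set owner and mode through the descriptor. */
	if (fstat(fd, &st) == 0 && S_ISDIR(st.st_mode) &&
	    (st.st_uid == uid || st.st_uid == 0) &&
	    fchown(fd, uid, gid) == 0 && fchmod(fd, S_IRWXU) == 0)
		rv = 0;
	close(fd);
	return rv;
}

/* Scratch run on constructed input under /tmp, no root needed: create, re-run
 * idempotently, then plant a symlink at a second uid's name and expect refusal. */
int self_check(void)
{
	char base[] = "/tmp/putmp.XXXXXX", p[1024];
	unsigned me = (unsigned)getuid(); int ok;
	if (mkdtemp(base) == NULL) return 0;
	ok = make_per_user_tmp(base, me, getgid()) == 0 &&
	    make_per_user_tmp(base, me, getgid()) == 0;
	snprintf(p, sizeof p, "%s/%u", base, me + 1);
	ok = ok && symlink("/", p) == 0 &&
	    make_per_user_tmp(base, me + 1, getgid()) == -1;
	unlink(p); snprintf(p, sizeof p, "%s/%u", base, me);
	rmdir(p); rmdir(base);
	return ok;
}
```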