Subject: Re: per-user /tmp
To: None <elad@NetBSD.org>
From: YAMAMOTO Takashi <yamt@mwd.biglobe.ne.jp>
List: tech-security
Date: 02/05/2007 12:06:45
> > That said, having the magic would be good for legacy programs...
> 
> > So, first of all, I don't like littering the top-level directory with
> > extra stuff.  So, let's pick a generic place to put the "real" temp
> > dirs... like maybe /private/tmp (hey, there's prior art for this, at
> > least :-)
> 
> okay - that sounds good. read further though:
> 
> > It would be nice of setusercontext(3) could take care of making sure the
> > private temp directory exists, rather than making login(1) do it. 
> > setusercontext(3) could also set TMPDIR in the environment -- this would
> > make any well-behaved program DTRT out of the box.
> 
> christos suggested we can make the code in login(1) a bit smarter: it
> would readlink("/tmp") and if it's a symlink, it would take the
> componenet of the link target up to "@uid" (say, "/private/tmp", in the
> case of "/private/tmp/@uid") and create the private temp dir there.

is it how mac's /private/tmp is used?
if you follow their naming, it's better to follow their semantics as well.

YAMAMOTO Takashi