In article <20040815234104.GA19813@nixsys.bz>,  <othyro@freeshell.org> wrote:
>> I mean you can put 'ulimit -f 0' in /etc/profile. Nothing prevents you from
>> doing it. Most program fail when you do this. Should they manually unset
>> the limit? Obviously not. Why should setting TEMPDIR be any different?
>
>I see how that is problematic...but are you saying even if checking is
>done, setting TMPDIR in /etc/profile is a stupid setting?

It violates the POLA. The whole reason TEMPDIR exists, is so that the user
can change the location of it in cases where the regular temporary directory
is too small. It is for the user to override, not the administrator. The
administrator should make sure that the location where _PATH_TMP points to
(usually /tmp) is mode 1777 and has adequate space for regular uses.

>Why does the finger program check / need to know if TMPDIR exists anyway?

Most programs don't; they just do:

	if ((tmpdir = getenv("TEMPDIR")) == NULL;
		tmpdir = _PATH_TMP;
	snprintf(path, sizeof(path), "%s/%s", tmpdir, xxx);
	fopen(path, "w");

and then they fail in fopen.

christos