Subject: Re: chroot & null mount?
To: None <netbsd-users@NetBSD.org>
From: Peter Bex <Peter.Bex@xs4all.nl>
List: netbsd-users
Date: 08/22/2007 21:29:31

On Wed, Aug 22, 2007 at 12:23:45PM -0700, James Hartley wrote:
> > > Is null mounting /tmp a bad idea?
> >
> > What's the use of that?
> > You can do it, but remember that there are ways to exploit programs that
> > use mktemp instead of mkstemp, for example.
>
> So there is no need to have some type of tmp directory available to a
> chroot'ed environment?  Or should a tmp directory be created within
> the chroot & explicitly purged at system startup?

Ah, now I understand.  Well, many programs need a /tmp so I guess you should
create it and purge it from /etc/rc.local or something.  Alternatively, you
could mount that tmp directory from your fstab with tmpfs (or mfs, if you're
on an older release).

Regards,
Peter
--
http://sjamaan.ath.cx
--
"The process of preparing programs for a digital computer
 is especially attractive, not only because it can be economically
 and scientifically rewarding, but also because it can be an aesthetic
 experience much like composing poetry or music."
							-- Donald Knuth
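
The mktemp versus mkstemp point quoted in this message, as an added example that is not part of the original thread: a plain open() of a predictable temp name follows a symlink already sitting at that path, while the O_EXCL creation that mkstemp() performs does not. The names `victim` and `app.tmp` and the scratch directory are constructed for the demonstration.

```c
#define _XOPEN_SOURCE 700
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Constructed scenario: <dir>/victim holds 4 bytes and the predictable temp
   name <dir>/app.tmp already exists as a symlink pointing at it. */
static int plant(const char *dir, char *victim, char *tmp, size_t n) {
    snprintf(victim, n, "%s/victim", dir);
    snprintf(tmp, n, "%s/app.tmp", dir);
    int fd = open(victim, O_WRONLY | O_CREAT | O_TRUNC, 0600);
    if (fd < 0) return -1;
    int ok = write(fd, "keep", 4) == 4;
    close(fd);
    unlink(tmp);
    return ok ? symlink(victim, tmp) : -1;
}
/* Opens the predictable name the way a program would after mktemp().
   Returns 1 if the victim's contents changed, 0 if not, -1 on setup error. */
int open_clobbers_victim(const char *dir, int extra_flags) {
    char victim[512], tmp[512];
    struct stat st;
    if (plant(dir, victim, tmp, sizeof victim) != 0) return -1;
    int fd = open(tmp, O_WRONLY | O_CREAT | extra_flags, 0600);
    if (fd >= 0) close(fd);
    return stat(victim, &st) != 0 || st.st_size != 4;
}
/* mkstemp() generates the name and creates the file with O_EXCL in one step.
   Returns 1 if the result is a regular file closed to group and other. */
int mkstemp_is_private(const char *dir) {
    char tmpl[512];
    struct stat st;
    snprintf(tmpl, sizeof tmpl, "%s/app.XXXXXX", dir);
    int fd = mkstemp(tmpl);
    if (fd < 0) return -1;
    int ok = fstat(fd, &st) == 0 && S_ISREG(st.st_mode) && (st.st_mode & 077) == 0;
    close(fd);
    unlink(tmpl);
    return ok;
}
int main(void) {
    char dir[] = "/tmp/tmpdemo.XXXXXX"; /* private scratch directory */
    if (!mkdtemp(dir)) return 1;
    printf("open() with O_TRUNC clobbers victim: %d\n", open_clobbers_victim(dir, O_TRUNC));
    printf("open() with O_EXCL clobbers victim:  %d\n", open_clobbers_victim(dir, O_EXCL));
    printf("mkstemp() file is private:           %d\n", mkstemp_is_private(dir));
    return 0;
}
```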
