against /tmp
2024-10-22 13:28https://dotat.at/@/2024-10-22-tmp.html
I commented on Lobsters that /tmp is usually a bad idea,
which caused some surprise. I suppose /tmp security bugs were common
in the 1990s when I was learning Unix, but they are pretty rare now so
I can see why less grizzled hackers might not be familiar with the
problems.
I guess that's some kind of success, but sadly the fixes have left
behind a lot of scar tissue because they didn't address the underlying
problem: /tmp should not exist.
It’s a bad idea because it’s shared global mutable state that crosses security boundaries. There’s a ton of complexity at all levels of unix (filesystems, kernel APIs, libc, shell, admin scripts) that only exists as a workaround for the dangers caused by making
/tmpshared.
( Read more... )
![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}