Tollef Fog Heen <[EMAIL PROTECTED]> writes: > ATM, TMPDIR is defined using #define in libpam-tmpdir's source. > Patches for having that as a run-time configuration are accepted.
I recently posted to debian-devel a patch to do this (not sure whether you saw it or not). However, at the time, I didn't realise that /sbin/pam-tmpdir-helper was a setuid root program. Purely my fault; I didn't check. Anyway, that patch opens up a security hole[1], so please don't apply it. Thanks, Kevin [1] My solution as to how to get the path from libpam-tmpdir to pam-tmpdir-helper was to pass it on the command line. But, since anyone can run pam-tmpdir-helper, anyone can create any tmpdir they like anywhere on the system. Very bad.
pgpys4KpeW8AX.pgp
Description: PGP signature
