On Mon, 14 Jul 2003 at 12:55:38PM -0400, Matt Zimmerman wrote: > On Mon, Jul 14, 2003 at 12:23:01PM -0400, bda wrote: > > As for the ~/tmp or ~/.tmp commentary, I have no real opinion, but it > > seems like it'd be a lot of work to implement. :-) > > Most of the work is adding support for the TMPDIR environment variable to > programs which do not already support it, and that is actually very easy.
Probably harder than that... What should be done about users that don't have +w to ~? Many system services are set up with home directories to / or /home. www-data:x:33:33:www-data:/var/www:/bin/sh Unless you are using WebDAV to upload files www-data doesn't need write access to /var/www. Even if you did give it write access, anyone surfing your site would be able to access http://host/tmp/ (unless you set up another Apache ACL). The system of a global directory works just fine if it is properly secured (with say the GRSecurity patch). Just my .02... -- Phillip Hofmeister PGP/GPG Key: http://www.zionlth.org/~plhofmei/ wget -O - http://www.zionlth.org/~plhofmei/key.txt | gpg --import -- Excuse #51: System has been recalled
