On 06/04/12 05:39, Bob Proulx wrote: > Scott Ferguson wrote: >> Bob Proulx wrote: >>> Scott Ferguson wrote: >>>> Martin Steigerwald wrote: >>>>> I like the notion to just use /var/tmp for anything big by default. >>>> >>>> Doesn't that require manually deleting files when they're no longer >>>> required? >>> >>> Of course that is no different from /tmp which is the same until >>> rebooted and I only reboot for kernel security upgrades. In between >>> those reboots it is no different and a system can go for a long time >>> without rebooting. >> >> So, um, do that mean yes? > > Yes. That means yes that I always set up a tmp cleaner for both /tmp > and /var/tmp. (But that is me. I don't know what Martin does.) > >>> I always set up automated tmp cleaners on /tmp and /var/tmp. >> >> Good to know. Almost as useful as actually saying what or how ;-p > > I intentionally avoided saying details because you would not believe > how contentious the topic of tmp cleaners really happens to be! If it > seems like a simple topic that is the first clue that it probably > isn't. It is a minefield. I put it firmly into the topic area of > "where angels fear to tread". I know better than to walk there. But > having stepped into it I was already planning the strategy of my > retreat so that I could escape with life and limb intact.
Just a wild guess... you've been ice-camping recently. ;-p > > As long as the details are ambiguous then there isn't any surface for > the maligners to attack. There is the presumption of innocence. Or > in this case the presumption of absolute correctness. And yet it is > an area that may be impossible to be absolutely correct. If you study > it in enough detail you may come to the conclusion that it isn't ever > safe to delete any file. You can only add disk space endlessly and > never ever delete anything. For those who come to that conclusion, > sorry, it isn't going to happen. but, but, but I was told Big Data is the Big Thing.... > > If you study the problem in enough detail you may conclude that the > only time to delete files is during system boot time. That is > certainly a safe time. The state of the system is known and > controlled. But does that mean that you would schedule a daily reboot > simply to be able to delete files? That would create an unreasonable > situation too. Then there's the dilemma of saved desktop sessions. (I don't use them). > And then we have the problems of absolute correctness > for shutdown and bootup. For those that come to that conclusion that > reboots are required to delete files, sorry, it isn't going to happen. > > And so being pragmatic I do set up tmp cleaners. Many things about > life are compromises. The maligners will attack me and call me a bad > person for doing so. I have walked through the fire on that one > before. And yet those attacks against tmp cleaners are impossible to > trigger on my machines. That won't prevent the maligners from trying. > They will construct various situations where the vulnerability exists > and will talk about those cases. That is all very good but those > cases are not my case and they don't apply. If the problem cases do > not apply to you either then there shouldn't be any problem for you to > set up a tmp cleaner either. But that is for you to decide. > > To set up a simple tmpcleaner sufficient on your own personal use > simply install the Debian tmpreaper package and then edit the > /etc/tmpreaper.conf file TMPREAPER_DIRS='/tmp/. /var/tmp/.' to add > /var/tmp to the list of directories that it will clean. You would > turn the warning statement there off too. > > To start getting up to speed on the issues with tmp cleaners read the > /usr/share/doc/tmpreaper/README.security.gz file that comes with > tmpreaper. Then browse the bug reports for that package: > > http://bugs.debian.org/cgi-bin/pkgreport.cgi?pkg=tmpreaper;dist=unstable > > Then read through these references about temporary files: > > > http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/avoid-race.html > > http://lcamtuf.coredump.cx/tmp_paper.txt > > Additionally reading through various mktemp design notes about how to > create temporary files securely would be useful background on the > other side of things too. Thank you very much for that. I suspect you've saved me many hours of bum steers. > > If I didn't scare everyone just a little bit with this then I didn't > write it well enough. There isn't any way to win on this issue. [innocent look] So, which one is best? ;-p > > Bob Kind regards -- Iceweasel/Firefox/Chrome/Chromium/Iceape/IE extensions for finding answers to questions about Debian:- https://addons.mozilla.org/en-US/firefox/collections/Scott_Ferguson/debian/ -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4f7e2f95.60...@gmail.com
