On Mon, Feb 18, 2008 at 09:14:30AM -0600, Daniel Corrigan wrote: > Since this was released to a public mailing list, I can only assume > some less than nice user will attempt this. The only top level file > system I have that can be written to by normal users is /tmp > > Should clear_tmp_enable="YES" in /etc/rc.conf prevent this from > causing harm?
Probably not. But an inode quota might, if your users can deal with having less than 10000 inodes - (what is supposed to be in the root of such file systems). It would at least make it more difficult for one rogue user to hurt you. Perhaps an /usr/local/etc/rc.d script could look for problems such as this in the stop process. Or one could simply remount the /tmp disk to /data and make a symlink from /tmp to /data/tmp. It seems like there should be several possible workarounds. -- Scott Lambert KC5MLE Unix SysAdmin [EMAIL PROTECTED] _______________________________________________ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
