One nice way to isolate users a bit more from each other is to ensure that each user but their temporary files in separate directories instead of /tmp/. This can be easily done in Debian by installing the libpam-tmpdir package, and I believe we should do it in the freedombox.
It make it slightly harder to use su/sudo, as one might end up inheriting a TMP/TMPDIR environment setting where one lack access, but it is easily solved by remembering to changing how one call su/sudo. Any objections? -- Happy hacking Petter Reinholdtsen _______________________________________________ Freedombox-discuss mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
