On Mon, Jul 02, 2012, Daniel P. Berrange <berra...@redhat.com> wrote: > In Fedora 18, /tmp is going to be a RAM filesystem, so we absolutely > must not create any sizeable files on /tmp. > > In addition from a security POV, we must aim to *never* use /tmp for > anything at all > > http://danwalsh.livejournal.com/11467.html
I take exception to that. Saying *never* is incorrect. You (and that blog post) say that we should *never* use /tmp for security reasons, but don't go on to explain why using mkstemp or mkdtemp is a security problem. Even the glibc documentation says they are safe wrt to security issues: http://www.gnu.org/software/libc/manual/html_node/Temporary-Files.html > It would be good to do a thorough audit of the code to make sure > nothing is using the tmpfile functions without explicitly specifying > a directory path that is private to the OpenStack daemon in question. Not using /tmp for large files is a good reason for practical reasons (distributions moving to ramfs for /tmp). But please don't start throwing around warnings that all uses of /tmp are a security risk without backing that up. JE _______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
