On Sun, 2005-05-22 at 08:50 -0600, Greg Knaddison wrote:
> On 5/22/05, Adrian Coman <adi.coman@xxxxxxxxx> wrote:
> > and who should know this?
> > my opinion is that there should be no need to execute anything from
> > /tmp, from security reasons.
> >
>
> This is not the first time I've seent his point discussed. Generally
> the programs that require execution of something in /tmp have that
> location as a tuneable parameter. I think
> mailman/spamassasin/something was the last time I saw this.
>
> Greg
Lots of things require executing tmp files ... though you might be able
to change it to /var/tmp ... for example
(as Greg said, by changing a config file)
This is an upstream issue ... and I saw some stuff in the redhat
bugzilla about some programs that have this issue, xmms is not one of
the ones listed though.
We don't normally fix issues like this in CentOS ... because we are
supposed to track upstream programs _exactly_ ... including their bugs.
If you want to fix it and maintain your own package, I'll try to help :)
OR ... make an entry in the RH bugzilla for RHEL4 and xmms
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.centos.org/pipermail/centos/attachments/20050522/59c58d20/attachment.bin
