-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 It seems to be a weekly occurrence of a new CVE for some app that uses /tmp insecurely. I have been on a crusade for years to stop privileged services from using /tmp and /var/tmp. These services can be potentially be interfered by unprivileged users, potentially leading to process escalation. The only server applications that need to use /tmp should be for communicating with users. For example the X server, and potentially apps that use kerberos for example sssd and nfs.gssd. (Although maybe at some point we need to fix this.) Most apps that rely on using /tmp to communicate with the user can be easily broken by users having individual /tmp using pam_namespace. systemd as of Fedora 16 has the ability to run system services with private /tmp and /var/tmp. I would like to propose that we make this the default in Fedora 17, or at least open a bugzilla on all system services that we know of that use /tmp and /var/tmp to make them use private /tmp and /var/tmp. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEUEARECAAYFAk64NoYACgkQrlYvE4MpobN24ACfWMvhZHbb1CnClweGHM3C/dOY zk0Al3mHos+80HsvUMmNnc9zxCQhHcg= =Olg9 -----END PGP SIGNATURE----- -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
