Re: Proposing Fedora Feature for private /tmp and /var/tmp for all systemd services in Fedora 17.

On Mon, 07.11.11 19:15, Chris Adams (cmadams@xxxxxxxxxx) wrote:

> Once upon a time, Lennart Poettering <mzerqung@xxxxxxxxxxx> said:
> > Yes, since they are created as subdirectories of the real / with mkdtemp()
> > and thus can be found there like any other directory if you are running
> > in the main namespaces.
> > 
> > No, since there's currently no sane way to figure out the private /tmp
> > directory of a running service. i.e. there's currently no sane way to
> > figure out which directory in /tmp appears as /tmp to
> > avahi-daemon.service. So, while you see all the subdirs, you'll have a
> > hard time to figure out which one is which one.
> 
> So are they subdirectories of / or /tmp?

The latter.

> How do standard tools like fuser and lsof see them?  

If run on the main namespace all they see is that the files are in some
randomized subdir of /tmp, instead of /tmp itself.

> I'm thinking of cases like "daemon gets cracked", where script-kiddie
> starts downloading attempted rootkits into /tmp, or where luser does
> something that starts filling up the disk, etc.  If fuser/lsof can
> tell me correctly which process is accessing that directory, that's
> probably good enough.

Yes, this works as it always did. We made sure that the behaviour change
is as minimal as possible and all the accounting and discoverability is
unchanged.

Lennart

-- 
Lennart Poettering - Red Hat, Inc.
-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
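
The reply above describes a private /tmp as an ordinary subdirectory that appears as /tmp inside the service's namespace. As an added example (not from the thread or from systemd), the code below reads the root field of /proc/<pid>/mountinfo, as documented in proc(5), to report which directory backs /tmp for a process. It assumes the private directory is bind-mounted over /tmp; the sample lines, the name private-EXAMPLE and all function names are constructed for illustration.

```python
import re
from typing import List, NamedTuple, Optional

class Mount(NamedTuple):
    device: str       # major:minor of the backing filesystem
    root: str         # directory inside that filesystem that got mounted
    mount_point: str  # where it appears inside the process's namespace
    fstype: str

# Constructed samples: a service with a private /tmp, and a host process.
SERVICE_NS = """\
61 60 253:1 / / rw,relatime shared:1 - ext4 /dev/mapper/root rw
75 61 253:1 /tmp/private-EXAMPLE /tmp rw,relatime - ext4 /dev/mapper/root rw
"""
HOST_NS = "25 1 253:1 / / rw,relatime shared:1 - ext4 /dev/mapper/root rw\n"

def _unescape(field: str) -> str:
    # mountinfo writes space, tab, newline and backslash as \040 \011 \012 \134
    return re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), field)

def parse_mountinfo(text: str) -> List[Mount]:
    mounts = []
    for line in text.splitlines():
        f = line.split()
        try:
            sep = f.index("-", 6)   # optional fields end at a lone "-"
            mounts.append(Mount(f[2], _unescape(f[3]), _unescape(f[4]), f[sep + 1]))
        except (ValueError, IndexError):
            continue                # malformed or truncated line
    return mounts

def tmp_backing(text: str, mount_point: str = "/tmp") -> Optional[Mount]:
    hits = [m for m in parse_mountinfo(text) if m.mount_point == mount_point]
    return hits[-1] if hits else None   # a later mount sits on top of earlier ones

def has_private_tmp(text: str) -> bool:
    # Heuristic: /tmp is a bind mount of a subdirectory, not a whole filesystem.
    m = tmp_backing(text)
    return m is not None and m.root != "/"

def read_mountinfo(pid: int, proc: str = "/proc") -> str:
    with open(f"{proc}/{pid}/mountinfo") as fh:
        return fh.read()

if __name__ == "__main__":
    for name, ns in (("service", SERVICE_NS), ("host", HOST_NS)):
        print(name, has_private_tmp(ns), tmp_backing(ns))
```

The root field is relative to the filesystem identified by the device number, so when /tmp is its own filesystem (for example tmpfs) the host path is that filesystem's host mount point joined with root.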


