[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Texmacs-dev] Re: [Bug #1789] temporary files are created in an inse
From: |
david |
Subject: |
Re: [Texmacs-dev] Re: [Bug #1789] temporary files are created in an insecure way |
Date: |
Wed, 26 Feb 2003 12:04:34 +0100 |
User-agent: |
Mutt/1.4i |
On Tue, Feb 25, 2003 at 06:35:00PM +0100, Joris van der Hoeven wrote:
>
> > The only good reason I see not to put temporary files in "~/.TeXmacs",
> > is that on big systems, the admin will typically tune differently the
> > filesystems of /home and of /tmp. Also, using /tmp ensures that
> > garbage is periodically cleant by the system.
>
> Well, TeXmacs may clear the garbage itself, as it does already
> (hmm, maybe I forgot about some stuff in ~/.TeXmacs/system)...
That misses the point of putting temp files in a different filesystem.
> No, the caching may improve performance over *several* runs.
I agree. I just think cached stuff should not be in /home.
> 1) I will use ~/.TeXmacs/system/tmp for temporary files.
> 2) Clean temporary files as soon as they are no longer needed.
> 3) Clean ~/.TeXmacs/system/tmp when booting and at (clean) exit.
As stated before I do not think that is quite right.
> 4) Restrict permissions inside ~/.TeXmacs except for ~/.TeXmacs/texts.
A few additional points:
-- files and directories should be created with the right permission
(I think the UMASK env variable is of use there).
-- if the user sets unsafe permissions, texmacs should refuse to
run.
-- texmacs should *not* quietly change the permissions of existing
files or directories.
-- safe permissions should not restrict reading, only writing.
PS: while we are at it, it would make sense to automatically create
token my-init-texmacs.scm and my-init-buffer.scm which just exec the
corresponding file in TEXMACS_PATH.