[arch-general] pacman/libalpm/libfetch do not honor TMPDIR
Isaac Dupree
ml at isaac.cedarswampstudios.org
Tue Nov 29 20:51:41 EST 2011
On 11/29/2011 05:20 PM, clemens fischer wrote:
> With tmpwatch one gets to choose files not accessed or modified for
> a certain period, and it needs no config file. Arch-tmpfiles, OTOH,
> would require such a thing.
>
> Then again, a simple "find<some-dirs> -atime +<time-spec> -exec /bin/rm
> '{}' +" does about the same as tmpwatch.
Use -execdir instead, for security reasons (to protect against race
conditions at least a little bit better). Or even better, just use
-delete, which is built into find and also does everything to make the
command able to delete long-unaccessed directories too.
Still, for something this sensitive to mistakes*, I'd be more likely to
trust a command made specifically for the purpose. For example, web
search found me a tmpwatch man-page that says various things it's
careful about: "When changing directories, tmpwatch is very sensitive to
possible race conditions and will exit with an error if one is detected.
It does not follow symbolic links in the directories it's cleaning (even
if a symbolic link is given as its argument), will not switch
filesystems, and only removes empty directories and regular files." ...
and I think there's more.
(disclosure: I don't need it personally, as tmpfs /tmp meets my needs.)
-Isaac
* at least: shared /tmp is a bit of a security disaster ; programs like
X keep socket-type files there ; perhaps more: how many people know all
of these parts well enough to write robust generic /tmp-related code?
More information about the arch-general
mailing list