enhance security via private TMP/TMPDIR by default
Rahul Sundaram
sundaram at redhat.com
Thu May 12 16:19:38 UTC 2005
Colin Walters wrote:
>On Thu, 2005-05-12 at 11:55 -0400, Matthew Miller wrote:
>
>
>>Just a thought:
>>
>>
>>/etc/profile.d/tmpdir.sh:
>>
>># For privacy and security, set temporary directories to ~/tmp on local
>>
>>
>
>There's actually been some work going on on giving each user their
>own /tmp namespace via the kernel's CLONE_NEWNS capability and a PAM
>module, AIUI. To the system administrator this could appear
>as /tmp/<username>. I think the problem is in getting later mounts to
>actually appear in the cloned namespace.
>
>
>
We probably should be putting out such information on a roadmap page for
Fedora instead of waiting for related topics to pop out. If we cant get
a general roadmap out, we can probably look at short term goals for
every Fedora version in a wiki. will this work out?
regards
Rahul
More information about the fedora-devel-list
mailing list