.\" -*-nroff-*-
.TH tmpdir 1 "6 April 1999" "Local tools"
.SH NAME
tmpdir \- choose, or check a choice of, temporary directory
.SH SYNOPSIS
.B tmpdir
.RB [ \-bc ]
.RB [ \-v
.IR dir ]
.SH USAGE
The
.B tmpdir
program creates a secure place for temporary files to be stored, and
outputs an assignment to the
.B TMPDIR
variable suitable for execution by a shell.
.PP
Many programs aren't sufficiently careful about how they handle
temporary files.  For example, if a program creates files in
.B /tmp
without making careful checks beforehand, a malicious user who can
predict the name that the program will use can create a symbolic link
with that name: when run, the program will then overwrite some file
using your current privileges.  Similarly, many programs create
temporary files using generous default permissions, which may well be a
mistake.
.PP
The
.B tmpdir
program finds a secure place for temporary files, creating one if
necessary.  The criteria it uses to choose a place are as follows:
.IP " 1."
The temporary directory must be owned by the user, and have mode 700
(i.e., readable, writable and searchable only by the owner).
.IP " 2."
The path through the filesystem to the temporary directory must be
secure against modifications by other malicious users.  See the
.BR chkpath (1)
manual page for a description of how this is done: the two programs work
in the same way.
.PP
First,
.B tmpdir
checks to see whether the current value of the
.B TMPDIR
environment variable is a secure place for temporary files.  If so, it
is accepted immediately.  Otherwise, it tries to find or create a
directory in
.B /tmp
(on the assumption that this is a fast disk suitable for temporary
files), with the name
.BI /tmp/ user \- suffix
for some
.IR suffix .
If that fails, it tries to create a directory in your home directory,
with the name
.BI ~/tmp\- suffix\fR.
If
.I that
fails too, then
.B tmpdir
gives up: if your home directory's not secure (or full) then a secure
temporary directory is the least of your worries.
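.PP
The two criteria above can be checked as in the following added C example, which is not taken from the tmpdir source.
The path rule in ancestor_is_safe is a simplified assumption standing in for the rules that chkpath(1) defines, and all function names are hypothetical.

```c
#define _XOPEN_SOURCE 700 /* for lstat() and S_ISVTX */
#include <limits.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Criterion 1: a real directory (not a symlink), owned by `me`, mode 700. */
static int dir_is_private(const struct stat *st, uid_t me)
{
    return S_ISDIR(st->st_mode) && st->st_uid == me &&
           (st->st_mode & 07777) == 0700;
}

/* Criterion 2, simplified (assumption: chkpath(1) defines the real rules).
 * An ancestor passes if it is a directory owned by root or `me`, and is
 * either not group/world-writable or sticky (as /tmp normally is). */
static int ancestor_is_safe(const struct stat *st, uid_t me)
{
    if (!S_ISDIR(st->st_mode)) return 0;
    if (st->st_uid != 0 && st->st_uid != me) return 0;
    if ((st->st_mode & (S_IWGRP | S_IWOTH)) && !(st->st_mode & S_ISVTX)) return 0;
    return 1;
}

/* Returns 1 if the absolute path `dir` meets both criteria, else 0. */
int tmpdir_ok(const char *dir)
{
    char buf[PATH_MAX], *slash;
    struct stat st;
    uid_t me = getuid();

    if (dir[0] != '/' || strlen(dir) >= sizeof buf) return 0;
    if (lstat(dir, &st) != 0 || !dir_is_private(&st, me)) return 0;
    strcpy(buf, dir);
    while ((slash = strrchr(buf, '/')) != NULL) {
        /* Drop the last component; the final pass checks "/" itself. */
        if (slash == buf) slash[1] = '\0'; else *slash = '\0';
        /* lstat: a symlinked ancestor is rejected rather than followed. */
        if (lstat(buf, &st) != 0 || !ancestor_is_safe(&st, me)) return 0;
        if (slash == buf) break;
    }
    return 1;
}

/* Mirrors "tmpdir -v dir": exit 0 if dir is secure, 1 otherwise. */
int main(int argc, char **argv)
{
    return (argc == 2 && tmpdir_ok(argv[1])) ? 0 : 1;
}
```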
.SS Options
The following options are supported:
.TP
.B "\-b, \-\-bourne"
Output an assignment using Bourne shell syntax.  The default is to
examine the user's shell and decide which syntax to use based on that.
.TP
.B "\-c, \-\-cshell"
Output an assignment using C shell syntax.
.TP
.BI "\-v, \-\-verify " dir
Don't try to find a temporary directory; just see whether
.I dir
is secure, and exit successfully if it is (and unsuccessfully if it
isn't).
.SH BUGS
None known.
.SH SEE ALSO
.BR chkpath (1),
.BR checkpath (3),
.BR tmpnam (3),
.BR tmpfile (3).
.SH AUTHOR
Mark Wooding (mdw@nsict.org).