pam-tmpdir promote to main?

Marc Deslauriers marc.deslauriers at
Wed Oct 17 14:52:41 UTC 2012

On 12-10-17 10:19 AM, John Moser wrote:
> Can we promote pam-tmpdir to main instead of universe for 13.04?  It
> seems to work pretty well now, and so I recommend activating it by
> default early in the development cycle.  Very early.  Like first
> change early:  pam-tmpdir is part of the base system default install.
> The rationale for this is pam-tmpdir makes changes to $TMP and $TMPDIR
> which affect application behavior.  Non-conforming applications will
> dump their temp files into /tmp anyway; conforming applications using
> $TMP or $TMPDIR will put them in a user-specific directory.  SOME
> applications may break--they shouldn't, but GDM broke in 2004 so I
> could see things breaking.
> Applications ceasing to function is what I'm interested in.  Anything
> that's built and tested that fails to run properly under pam-tmpdir.
> pam-tmpdir creates a root-owned directory /tmp/users with permissions
> o=--x.  Upon log-on, pam creates a directory /tmp/users/$UID/ owned by
> the user and with permissions 700. That becomes $TMP and $TMPDIR, and
> so most applications put their temporary files there.

Now that we have symlink restrictions in Ubuntu, security issues with
using the /tmp directory are greatly reduced.

Since Quantal now sets $XDG_RUNTIME_DIR, apps should use it or one of
the other $XDG_* locations to store temporary user data. If use of /tmp
is still necessary, apps should simply assign appropriate permissions to
the files they create in /tmp.

Please file bugs on any app that doesn't currently do this properly.


Marc Deslauriers
Ubuntu Security Engineer     |
Canonical Ltd.               |

More information about the Ubuntu-devel-discuss mailing list