[Fwd: Re: recovery from stupid error]

[Dick Davies]

* Jay R. Wren <jrwren at gmail.com> [0718 14:18]:
> On 7/15/05, Dick Davies <rasputnik at hellooperator.net> wrote:
> > >
> > > It still would be very nice if gdm in failsafe mode did a simple :
> > > if [ ! -w $HOME ]; export HOME=/tmp; fi
> > >
> > > That way the user could still have a failsafe login via X.
> > 
> > That's a bad idea imo.
> > if the user is'nt notified what happened, there's the potential of sensitive files
> > being created in /tmp.
> > 
> > Booting single user seems like the sanest way to get your files back and get on with
> > your life (or create a new empty ~ and learn the lesson).
> > 
> 
> Ok, let me revise:
> 
> if [ ! -w $HOME ] ; mkdir /tmp/$USER ;chown $USER /tmp/$USER ; chmod
> 0700 /tmp/$USER ; export HOME=/tmp/$USER ; fi
> 
> What is wrong with having sensitive files created in /tmp if they have
> a mask of 077?

Well, for starters, I can make /tmp/.ssh and your account will assume those 
files belong to you.  

Actually that's probably a bad example as ssh can be configured to check
permissions on  $HOME, and $HOME/.ssh . But a lot of apps are going to make
assumptions like that.

> Booting single user and getting a root prompt is not something my mom
> or dad can do.  Logging in failsafe and running a wizard to check
> permissions is something that I might be able to walk them through
> over the phone.

I just think losing $HOME is something you should be made aware of,
that's all.

-- 
'Save the cost of installing cable TV by taping current editions of Top Of The Pops and then watching them in fifteen years' time.'
		-- Top Tips
Rasputin :: Jack of All Trades - Master of Nuns