[Fwd: Re: recovery from stupid error]
rasputnik at hellooperator.net
Mon Jul 18 11:47:49 CDT 2005
* Jay R. Wren <jrwren at gmail.com> [0718 14:18]:
> On 7/15/05, Dick Davies <rasputnik at hellooperator.net> wrote:
> > >
> > > It still would be very nice if gdm in failsafe mode did a simple :
> > > if [ ! -w $HOME ]; export HOME=/tmp; fi
> > >
> > > That way the user could still have a failsafe login via X.
> > That's a bad idea imo.
> > if the user is'nt notified what happened, there's the potential of sensitive files
> > being created in /tmp.
> > Booting single user seems like the sanest way to get your files back and get on with
> > your life (or create a new empty ~ and learn the lesson).
> Ok, let me revise:
> if [ ! -w $HOME ] ; mkdir /tmp/$USER ;chown $USER /tmp/$USER ; chmod
> 0700 /tmp/$USER ; export HOME=/tmp/$USER ; fi
> What is wrong with having sensitive files created in /tmp if they have
> a mask of 077?
Well, for starters, I can make /tmp/.ssh and your account will assume those
files belong to you.
Actually that's probably a bad example as ssh can be configured to check
permissions on $HOME, and $HOME/.ssh . But a lot of apps are going to make
assumptions like that.
> Booting single user and getting a root prompt is not something my mom
> or dad can do. Logging in failsafe and running a wizard to check
> permissions is something that I might be able to walk them through
> over the phone.
I just think losing $HOME is something you should be made aware of,
'Save the cost of installing cable TV by taping current editions of Top Of The Pops and then watching them in fifteen years' time.'
-- Top Tips
Rasputin :: Jack of All Trades - Master of Nuns
More information about the ubuntu-devel