Commit | Line | Data |
---|---|---|
19cb3d11 | 1 | .\" -*-nroff-*- |
efa7a97b | 2 | .TH tmpdir 1 "6 April 1999" "Local tools" |
3 | .SH NAME | |
4 | tmpdir \- choose, or check a choice of, temporary directory | |
5 | .SH SYNOPSIS | |
6 | .B tmpdir | |
3d62246f MW |
7 | .RB [ \-bcv ] |
8 | .RB [ \-C | |
efa7a97b | 9 | .IR dir ] |
10 | .SH USAGE | |
11 | The | |
12 | .B tmpdir | |
13 | program creates a secure place for temporary files to be stored, and | |
14 | outputs an assignment to the | |
15 | .B TMPDIR | |
16 | variable suitable for execution by a shell. | |
17 | .PP | |
18 | Many programs aren't sufficiently careful about how they handle | |
19 | temporary files. For example, if a program which creates files in | |
20 | .B /tmp | |
21 | without making careful checks beforehand, a malicious user who can | |
22 | predict the name that the program will use can create a symbolic link | |
23 | with that name: when run, the program will then overwrite some file | |
24 | using your current privileges. Similarly, many programs create | |
25 | temporary files using generous default permissions, which may well be a | |
26 | mistake. | |
27 | .PP | |
28 | The | |
29 | .B tmpdir | |
30 | program finds a secure place for temporary files, creating one if | |
31 | necessary. The criteria it uses to choose a place are as follows: | |
4a1f00c4 | 32 | .IP " 1." |
efa7a97b | 33 | The temporary directory must be owned by the user, and have mode 700 |
34 | (i.e., readable, writable and searchable only by the owner). | |
4a1f00c4 | 35 | .IP " 2." |
efa7a97b | 36 | The path through the filesystem to the temporary directory must be |
37 | secure against modifications by other malicious users. See the | |
38 | .BR chkpath (1) | |
39 | manual page for a description of how this is done: the two programs work | |
40 | in the same way. | |
41 | .PP | |
42 | First, | |
43 | .B tmpdir | |
44 | checks to see whether the current value of the | |
45 | .B TMPDIR | |
46 | environment variable is a secure place for temporary files. If so, it | |
47 | is accepted immediately. Otherwise, it tries to find or create a | |
48 | directory in | |
49 | .B /tmp | |
50 | (on the assumption that this is a fast disk suitable for temporary | |
51 | files), with the name | |
52 | .BI /tmp/ user \- suffix | |
53 | for some | |
54 | .IR suffix . | |
55 | If that fails, it tries to create a directory in your home directory, | |
56 | with the name | |
57 | .BI ~/tmp\- suffix\fR. | |
58 | If | |
59 | .I that | |
60 | fails too, then | |
61 | .B tmpdir | |
62 | gives up: if your home directory's not secure (or full) than a secure | |
63 | temporary directory is the least of your worries. | |
1c5f5498 | 64 | .SS Options |
efa7a97b | 65 | The following options are supported: |
66 | .TP | |
67 | .B "\-b, \-\-bourne" | |
68 | Output an assignment using Bourne shell syntax. The default is to | |
69 | examine the user's shell and decide which syntax to use based on that. | |
70 | .TP | |
71 | .B "\-c, \-\-cshell" | |
72 | Output an assignment using C shell syntax. | |
73 | .TP | |
3d62246f MW |
74 | .B "-v, \-\-verbose" |
75 | Report problems to standard error. Repeat for more verbosity. | |
76 | .TP | |
77 | .BI "\-C, --check " dir | |
efa7a97b | 78 | Don't try to find a temporary directory; just see whether |
79 | .I dir | |
80 | is secure, and exit successfully if it is (and unsuccessfully if it | |
81 | isn't). | |
82 | .SH BUGS | |
83 | None known. | |
84 | .SH SEE ALSO | |
85 | .BR chkpath (1), | |
d7b5ee0c | 86 | .BR checkpath (3), |
efa7a97b | 87 | .BR tmpnam (3), |
88 | .BR tmpfile (3). | |
89 | .SH AUTHOR | |
90 | Mark Wooding (mdw@nsict.org). |