mdw@git.distorted.org.uk Git - checkpath/blob - tmpdir.1

   1 .\" -*-nroff-*-
   2 .TH tmpdir 1 "6 April 1999" "Local tools"
   3 .SH NAME
   4 tmpdir \- choose, or check a choice of, temporary directory
   5 .SH SYNOPSIS
   6 .B tmpdir
   7 .RB [ \-bcv ]
   8 .RB [ \-g
   9 .IR group ]
  10 .RB [ \-C
  11 .IR dir ]
  12 .SH USAGE
  13 The
  14 .B tmpdir
  15 program creates a secure place for temporary files to be stored, and
  16 outputs an assignment to the
  17 .B TMPDIR
  18 variable suitable for execution by a shell.
  19 .PP
  20 Many programs aren't sufficiently careful about how they handle
  21 temporary files.  For example, if a program which creates files in
  22 .B /tmp
  23 without making careful checks beforehand, a malicious user who can
  24 predict the name that the program will use can create a symbolic link
  25 with that name: when run, the program will then overwrite some file
  26 using your current privileges.  Similarly, many programs create
  27 temporary files using generous default permissions, which may well be a
  28 mistake.
  29 .PP
  30 The
  31 .B tmpdir
  32 program finds a secure place for temporary files, creating one if
  33 necessary.  The criteria it uses to choose a place are as follows:
  34 .IP "   1."
  35 The temporary directory must be owned by the user, and have mode 700
  36 (i.e., readable, writable and searchable only by the owner).
  37 .IP "   2."
  38 The path through the filesystem to the temporary directory must be
  39 secure against modifications by other malicious users.  See the
  40 .BR chkpath (1)
  41 manual page for a description of how this is done: the two programs work
  42 in the same way.
  43 .PP
  44 First,
  45 .B tmpdir
  46 checks to see whether the current value of the
  47 .B TMPDIR
  48 environment variable is a secure place for temporary files.  If so, it
  49 is accepted immediately.  Otherwise, it tries to find or create a
  50 directory in
  51 .B /tmp
  52 (on the assumption that this is a fast disk suitable for temporary
  53 files), with the name
  54 .BI /tmp/ user \- suffix
  55 for some
  56 .IR suffix .
  57 If that fails, it tries to create a directory in your home directory,
  58 with the name
  59 .BI ~/tmp\- suffix\fR.
  60 If
  61 .I that
  62 fails too, then
  63 .B tmpdir
  64 gives up: if your home directory's not secure (or full) than a secure
  65 temporary directory is the least of your worries.
  66 .SS Options
  67 The following options are supported:
  68 .TP
  69 .B "\-b, \-\-bourne"
  70 Output an assignment using Bourne shell syntax.  The default is to
  71 examine the user's shell and decide which syntax to use based on that.
  72 .TP
  73 .B "\-c, \-\-cshell"
  74 Output an assignment using C shell syntax.
  75 .TP
  76 .BI "\-g, \-\-group " group
  77 Trust (the members of)
  78 .IR group :
  79 consider directories they can write to be safe.
  80 .TP
  81 .B "-v, \-\-verbose"
  82 Report problems to standard error.  Repeat for more verbosity.
  83 .TP
  84 .BI "\-C, --check " dir
  85 Don't try to find a temporary directory; just see whether
  86 .I dir
  87 is secure, and exit successfully if it is (and unsuccessfully if it
  88 isn't).
  89 .SH BUGS
  90 None known.
  91 .SH SEE ALSO
  92 .BR chkpath (1),
  93 .BR checkpath (3),
  94 .BR tmpnam (3),
  95 .BR tmpfile (3).
  96 .SH AUTHOR
  97 Mark Wooding (mdw@nsict.org).