On Thu, Apr 16, 2015 at 07:44:21AM -0500, Les Mikesell wrote:
The issue here really isn't systemd or the PrivateTmp feature but the fact that some applications don't properly distinguish between temporary files and data files.
Maybe, but if an application wants a private directory for temporary files, shouldn't it create and manage that directory itself instead of being second-guessed by the default configuration of the OS?
This one I have a clear answer for: no. It's the distribution's job to help regularize application practices, especially when they don't follow good practices for security. Ideally, we work with upstreams on this, but sometimes where it's just a matter of configuration, we choose to exercise options to make everything fit together.
filesystem. And as far as what the default location should be - what would be correct for portable code? Isn't /var/lib/something kind of Linux-centric? Where can an application expect to be able to write?
Linux-centric? Linux/Unix-centric, maybe. I mean, that's not gonna work on VMS or MS Windows — but then, neither is /tmp.