systemd/tmpfiles.d
Zbigniew Jędrzejewski-Szmek d34cd37490 Make PrivateTmp dirs also inaccessible from the outside
Currently, PrivateTmp=yes means that the service cannot see the /tmp
shared by rest of the system and is isolated from other services using
PrivateTmp, but users can access and modify /tmp as seen by the
service.

Move the private /tmp and /var/tmp directories into a 0077-mode
directory. This way unpriviledged users on the system cannot see (or
modify) /tmp as seen by the service.
2013-03-20 14:08:41 -04:00
..
legacy.conf tmpfiles: move legacy flag-files handling to legacy.conf 2013-01-07 15:21:36 +01:00
Makefile journal: add preliminary incomplete implementation 2011-10-07 22:02:05 +02:00
systemd.conf tmpfiles: do not make /run/nologin executable 2013-01-19 02:11:41 +01:00
tmp.conf Make PrivateTmp dirs also inaccessible from the outside 2013-03-20 14:08:41 -04:00
x11.conf relicense to LGPLv2.1 (with exceptions) 2012-04-12 00:24:39 +02:00