mirror of
https://github.com/systemd/systemd.git
synced 2024-12-18 22:53:40 +08:00
d34cd37490
Currently, PrivateTmp=yes means that the service cannot see the /tmp shared by rest of the system and is isolated from other services using PrivateTmp, but users can access and modify /tmp as seen by the service. Move the private /tmp and /var/tmp directories into a 0077-mode directory. This way unpriviledged users on the system cannot see (or modify) /tmp as seen by the service. |
||
---|---|---|
.. | ||
legacy.conf | ||
Makefile | ||
systemd.conf | ||
tmp.conf | ||
x11.conf |