Why does Samba requires 777 permissions on /tmp
Bob Eager
rde at tavi.co.uk
Sun May 19 18:56:42 UTC 2013
On Sun, 19 May 2013 13:34:49 -0500
sindrome <sindrome at gmail.com> wrote:
> I'm not sure I understand your question. Portupgrade barks about
> the /tmp directory being world writable. I pasted the exact errors
> earlier in this thread. I looked in my path and can't find /tmp in
> there and can't figure how to get rid of ruby complaining unless I
> remove the writable permissions. When I do that my windows desktop
> can't authenticate to my samba server. There has to be a root of
> this problem to make them both work. Is there some other place
> portupgrade is having /tmp amended on without it being in my $PATH?
I went back and had a closer look at your error message. What I hadn't
done (and neither had you, prior to that) was read and fully digest the
error message.
portupgrade is calling its 'system()' function to run a command. The
Ruby runtime does a sanity check to make sure that the directories in
the path are secure...and /tmp isn't. I suspect that portupgrade puts
temporary scripts into /tmp, then executes them; this implies that it's
probably chdir'ing to /tmp, then haveing '.' in thge path, or even just
adding /tmp to the path, although I don't think so.
Anyway, what's insecure is that you don't have the sticky bit set. If
you use:
chmod 1777 /tmp
it ought to all work.
More information about the freebsd-ports
mailing list