OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: where user temp files should go, env var names
From: Nick Phillips (nwpCHECKAPRICE.COM)
Date: Thu Dec 21 2000 - 06:53:51 CST

On Tue, Dec 19, 2000 at 12:55:34AM -0500, Mike A. Harris wrote:

> The kernel doesn't differentiate between directories in the
> filesystem. For all the kernel cares /tmp is where user
> directories are stored. The kernel doesn't ever know or treat
> differently any names of dirs in the filesystem. This definitely
> has nothing at all to do with the kernel whatsoever. It is a
> userland programming issue.
>
> The kernel does not impose policy decisions upon systems, that is
> what a sysadmin is for. Fix the programmer.

This is illogical. The sysadmin makes the policy and uses the kernel
(amongst other things) to impose it. In this instance the programmer
is effectively just another user who cannot be trusted. Therefore it
is reasonable for the kernel to provide the sysadmin with the means
to enforce their policy on programmers as well as "normal" users.

By all means fix the programmers too, but remember that they are just
a particular type of user using the facilities provided to them; if
the facilities provided to them (libs, syscalls, kernel etc.) allow
them to do silly things, you should expect them to do silly things.

Cheers,

Nick