-
Notifications
You must be signed in to change notification settings - Fork 61
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
zuluCrypt-gui not honoring environment setting ${TMP} #213
Comments
In my system, temporary directory is set to "/tmp", I will set the project to get temp path from env variable.
|
Thanks for the reply. Setting TMP to be ${HOME}/tmp rather than /tmp has been a security recommendation for some time (circa 1993-ish but probably before that). The ones I listed above I have found to be those used by most programs. Technically, this may be out of date, the old skewel variable was: TMP=/path; export TMP . TEMP/TEMPDIR are influences of Microsoft. |
Mhhhh, yes there is "obscure" security reason.
|
I am new to zuluCrypt so don't have a understanding/map of zuluCrypt and how it mounts file based containers so this is Apples and Oranges here I know but... I am using KeePassXC-2.7.8-x86_64.AppImage and in my $HOME/tmp folder: I am also using tmux. ls -l /home/user/tmp/tmux-1000 I remember now where setting TMP to ${HOME}/tmp came from. Screen back in the 90s to improve security. If I am mounting a VCC image for myself in /run/media/private/user/user-archive-data.vcc shouldn't the default permissions on my $HOME/tmp/zuluCrypt-1000/socket be all that is needed? How about $HOME/mnt/user-archive-data.vcc if you need SU privileges for creating things in /run/media/private/user . However this probably explains why zuluCrypt is not working for me. |
While trying to mount a Truecript container as a normal user I saw in the debug window a command: -f "/tmp/zuluCrypt-0/878313608" I am still working this out.
I have several environment variables set to point TMP to $HOME/tmp rather than the communal /tmp folder.
Is there some (obscure?) security reason why zuluCrypt is not honoring the environment variable ${TMP}?
e.g.:
TMPDIR=/home/user/tmp
TMP=/home/user/tmp
TEMPDIR=/home/user/tmp
TEMP=/home/user/tmp
The text was updated successfully, but these errors were encountered: