Against /Tmp | slacker news

1. TeMPOraL ◴[22 Oct 24 13:40 UTC] No.41914165[source]▶

>>41913610 (OP) #

In which people forget that computers have other purposes beyond being boxes for CTF competitions. Shared mutable global state isn't always bad.

replies(3): >>41914370 #>>41914775 #>>41916491 #

2. inetknght ◴[22 Oct 24 14:00 UTC] No.41914370[source]▶

>>41914165 (TP) #

> Shared mutable global state isn't always bad.

I agree, but I think that shared mutable global state is a bad default. I think it'd be better to be opt-in (eg, you get a `/tmp/${USER}` and your user can `chmod o+rw` during setup if it needs to be globally mutable.

3. pjc50 ◴[22 Oct 24 14:40 UTC] No.41914775[source]▶

>>41914165 (TP) #

If your machine is on the Internet in any way, you're taking part in the big ongoing global CTF.

4. samatman ◴[22 Oct 24 17:23 UTC] No.41916491[source]▶

>>41914165 (TP) #

There are very few always in such matters, but I view this one as an 'except for rare circumstances'. Even when true, it should be modeled as "contained state where the container includes everyone".

The problem is that Unices use access control, rather than capabilities, so ensuring state is shared only by those who need it is quite a bit more difficult than just punting, and declaring that 'those who need it' is 'everyone'.

Nor has the design problem of a user-friendly capabilities architecture truly been solved, IHMO. Nonetheless, we shouldn't confuse convenience with correctness.