Against /tmp

In which people forget that computers have other purposes beyond being boxes for CTF competitions. Shared mutable global state isn't always bad.

> Shared mutable global state isn't always bad.

I agree, but I think that shared mutable global state is a bad default. I think it'd be better to be opt-in (eg, you get a `/tmp/${USER}` and your user can `chmod o+rw` during setup if it needs to be globally mutable.

If your machine is on the Internet in any way, you're taking part in the big ongoing global CTF.

There are very few always in such matters, but I view this one as an 'except for rare circumstances'. Even when true, it should be modeled as "contained state where the container includes everyone".

The problem is that Unices use access control, rather than capabilities, so ensuring state is shared only by those who need it is quite a bit more difficult than just punting, and declaring that 'those who need it' is 'everyone'.

Nor has the design problem of a user-friendly capabilities architecture truly been solved, IHMO. Nonetheless, we shouldn't confuse convenience with correctness.

True as it may be, it's not the reason my machine is on the Internet.

I serve 1Gb of /dev/null to every scraper that tries known CVE endpoints. Fuck 'em.

How much is 1 GB*0 bytes? Better serve 1GB of /dev/zero instead! (Or even better, /dev/urandom, because zeroes compress very well and are easy to spot.)