Old 9th June 2017
Carpetsmoker
Real Name: Martin

The thing with chroot-ing it to /var/tmp/ (or /tmp/) is that you don't know which files may be there, and that the chrooting program may accidentally expose information present in those directories, or even worse allow modification of those files!

With /var/empty/, I don't need to worry about any of that.

At any rate, my eventual solution was to create an empty /var/program_name/ directory. I later added some support for file caching, so I had to do that in the long run anyway :-)
__________________
UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things.