Is it a possible hole of security having /tmp/ folder under user owner instead of root?
I have set it temporally under my user by mistake, after that its impossible to bring it back to root user: Ubuntu after that doesent recognize my session.
Security
Is it a possible hole of security having /tmp/ folder under user owner instead of root?
I have set it temporally under my user by mistake, after that its impossible to bring it back to root user: Ubuntu after that doesent recognize my session.
Best Answer
I don't think there's an inherent risk if /tmp doesn't belong to root, but it should belong to root following best practices (it's a system directory).
Also, note that the /tmp directory permissions must have the sticky bit set:
This way, files created in /tmp can be read and written only by the user that creates them. Not doing this is indeed a security risk as users could write or delete files that belong to other users or processes.
Regarding your session, I believe you should be able to solve this by changing the ownership from a console, while the X system is down (go to a TTY console with CTRL+ALT+F1,
service lightdm stop
(orservice gdm stop
), change ownership and reboot).To change owner and permissions, you can use: