[Nix-dev] /run/lock permissions
Eelco Dolstra
eelco.dolstra at logicblox.com
Sun Aug 26 02:08:47 CEST 2012
Hi,
On 25/08/12 15:22, Mathijs Kwik wrote:
> - just change /run/lock to 755 and create a subdir for logcheck in a
> task/activationscript
This seems like the easiest and most secure solution to me. That way we don't
have to worry about non-root processes creating locks that should belong to
other users.
> - change /run/lock to 1775 and create a group that is allowed to
> create subdirs in there
I see that Fedora has /var/lock owned by root:lock and 775 permission. Ubuntu
has root:root and 1777 (which doesn't seem like a good idea to me...).
--
Eelco Dolstra | LogicBlox, Inc. | http://nixos.org/~eelco/
More information about the nix-dev
mailing list