{"id":20135971,"url":"https://github.com/openwall/pam_mktemp","last_synced_at":"2025-03-02T22:41:39.162Z","repository":{"id":136729032,"uuid":"328803188","full_name":"openwall/pam_mktemp","owner":"openwall","description":"Provide per-user private directories under /tmp as part of PAM session or account management","archived":false,"fork":false,"pushed_at":"2021-01-18T18:32:40.000Z","size":77,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":5,"default_branch":"main","last_synced_at":"2025-01-13T09:38:09.819Z","etag":null,"topics":["directory","module","pam","temporary","tmpdir"],"latest_commit_sha":null,"homepage":"https://www.openwall.com/pam/","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/openwall.png","metadata":{"files":{"readme":"README","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-01-11T22:05:55.000Z","updated_at":"2022-05-19T14:38:40.000Z","dependencies_parsed_at":null,"dependency_job_id":"c58ab676-b973-4ac8-9400-9a38bfb6ebb6","html_url":"https://github.com/openwall/pam_mktemp","commit_stats":null,"previous_names":[],"tags_count":7,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/openwall%2Fpam_mktemp","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/openwall%2Fpam_mktemp/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/openwall%2Fpam_mktemp/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/openwall%2Fpam_mktemp/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/openwall","download_url":"https://codeload.github.com/openwall/pam_mktemp/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":241582522,"owners_count":19985846,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["directory","module","pam","temporary","tmpdir"],"created_at":"2024-11-13T21:17:12.767Z","updated_at":"2025-03-02T22:41:39.155Z","avatar_url":"https://github.com/openwall.png","language":"C","funding_links":[],"categories":[],"sub_categories":[],"readme":"pam_mktemp is a PAM module that may be used with a PAM-aware login\nservice to provide per-user private directories under /tmp as part\nof PAM session or account management.\n\nWhen an interactive (shell) session is started, a directory is created\nand the environment variables TMPDIR and TMP are set to the name of\nthe directory.\n\nAccording to some \"out of the box\" SELinux policies, /tmp/.private and\n/tmp/.private/USER directories created by this module running from\nprocesses like login and sshd would inherit a login process context\ninstead of /tmp directory or user context.  As a result, user processes\nwould have problems creating files in such \"login-owned\" directories.\nWhen the module is built with SELinux support (\"make USE_SELINUX=1\"), it\ncreates directories in the proper context.\n\nPlease note that there's a security risk of using pam_mktemp along with\ntmpwatch(8) and maybe with some other \"/tmp cleaners\", but stmpclean(8)\nis known to be safe.  If you must use a \"/tmp cleaner\" that exposes the\nproblem (although you'd better not), this risk may be avoided by\nenabling pam_mktemp's USE_APPEND_FL compile-time setting\n(\"make USE_APPEND_FL=1\") _and_ keeping /tmp on an ext2, ext3, or ext4\nfilesystem.  Please refer to comments in pam_mktemp.c for more detail on\nthe issue.  Once again, it is better to switch to using a \"/tmp cleaner\"\nthat does not expose the problem.\n\n$Owl: Owl/packages/pam_mktemp/pam_mktemp/README,v 1.2 2010/09/17 22:24:36 solar Exp $\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopenwall%2Fpam_mktemp","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fopenwall%2Fpam_mktemp","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopenwall%2Fpam_mktemp/lists"}