Re: Missing [/usr/local]/var/lib and [/usr/local]/tmp
From: Jeffrey Walton
Subject: Re: Missing [/usr/local]/var/lib and [/usr/local]/tmp
Date: Mon, 18 Jul 2022 11:27:07 -0400
On Mon, Jul 18, 2022 at 10:22 AM Bruno Haible <bruno@clisp.org> wrote:
>
> Jeffrey Walton wrote:
> > I believe MacOS maps /etc and /tmp to a private area for the user.
> > They are not world readable/writable. I believe Apple did it for
> > hardening.
> >
> > Here's from a MacOS X 10.5 machine I have:
> >
> > $ ls -l /etc /tmp
> > lrwxr-xr-x@ 1 root wheel 11 Feb 10 2015 /etc -> private/etc
> > lrwxr-xr-x@ 1 root wheel 11 Feb 10 2015 /tmp -> private/tmp
>
> /tmp is world-writable, of course:
>
> $ ls -lLd /etc /tmp
> drwxr-xr-x@ 124 root wheel 3968 27 Jun 01:25 /etc
> drwxrwxrwt@ 8 root wheel 256 18 Jul 14:38 /tmp
I believe Apple creates a copy of /etc, /var and /tmp for the user.
Then, writes occur to the private area the OS provides to the user. I
don't believe users are allowed to write directly to those
directories. In the old days it happened because of NetBoot. Nowadays
it's because of Apple's System Integrity Protection.
Also see
https://apple.stackexchange.com/questions/1043/why-is-tmp-a-symlink-to-private-tmp
and https://en.wikipedia.org/wiki/System_Integrity_Protection .
Jeff
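As an added example (not code from either message in this thread): a POSIX sh check that classifies a directory by the permissions of its symlink target, the way the `ls -lLd` listing above does, and separates the benign world-writable-with-sticky-bit case (`drwxrwxrwt`, /tmp) from the risky world-writable-without-sticky-bit case. The demo tree, its paths and modes are constructed here and assume only a writable `$TMPDIR` or /tmp.

```shell
#!/bin/sh
# Added example, not code from the thread: judge a directory by its *target*
# permissions, the way `ls -lLd` does, so that a symlink such as
# /tmp -> private/tmp is classified by /private/tmp's mode bits.
# Result is one of: world-writable-sticky, world-writable-no-sticky,
# not-world-writable, missing.
classify_dir() {
    # -L follows symlinks, -d reports the directory itself, not its entries.
    # cut keeps the 10-char mode string and drops a trailing @ or + (xattrs/ACLs).
    [ -d "$1" ] || { echo missing; return 1; }
    mode=$(ls -lLd "$1" | cut -c1-10)
    case $mode in
        d???????wt|d???????wT) echo world-writable-sticky ;;    # e.g. drwxrwxrwt (/tmp)
        d???????w?)            echo world-writable-no-sticky ;; # anyone may delete others' files
        *)                     echo not-world-writable ;;       # e.g. drwxr-xr-x (/etc)
    esac
}

# Constructed demo tree (assumption: a writable $TMPDIR or /tmp exists) that
# mirrors the macOS layout from the thread: tmp and etc are symlinks into private/.
build_demo_tree() {
    root=$(mktemp -d "${TMPDIR:-/tmp}/symlink-demo.XXXXXX") || return 1
    mkdir -p "$root/private/tmp" "$root/private/etc" "$root/scratch"
    chmod 1777 "$root/private/tmp"   # world-writable + sticky, like /private/tmp
    chmod 0755 "$root/private/etc"   # world-readable only, like /private/etc
    chmod 0777 "$root/scratch"       # world-writable but NO sticky bit: the risky case
    ln -s private/tmp "$root/tmp"
    ln -s private/etc "$root/etc"
    echo "$root"
}

# Stand-alone run: print the classification of each entry, then clean up.
demo=$(build_demo_tree) && {
    for d in tmp etc scratch; do
        printf '%-8s %s\n' "$d" "$(classify_dir "$demo/$d")"
    done
    rm -rf "$demo"
}
```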