Permissions on /tmp (was: How can I detect whether an /etc/rc.d/init.d script is being run at boot time versus by hand?)

[Joshua Judson Rosen]

Bill Freeman <ke1g.nh at gmail.com> writes:
>
>    I can probably count on running on a linux box, so I can probably count on
> the FHS.  But the downside of tmp is that any process can also delete my pid
> file (as opposed to having to be either root or the user created for the
> program).

The sticky-bit (0001, or +t) set on /tmp prevents that from being true,
e.g.:

    jrosen at jz:~$ touch /tmp/foo
    jrosen at jz:~$ ls -ld /tmp /tmp/foo
    drwxrwxrwt 17 root   root   4096 May 21 20:05 /tmp
    -rw-r--r--  1 jrosen jrosen    0 May 21 20:05 /tmp/foo
    jrosen at jz:~$ sudo chown nobody.nogroup /tmp/foo
    [sudo] password for jrosen: 
    jrosen at jz:~$ ls -ld /tmp /tmp/foo
    drwxrwxrwt 17 root   root    4096 May 21 20:05 /tmp
    -rw-r--r--  1 nobody nogroup    0 May 21 20:05 /tmp/foo
    jrosen at jz:~$ rm /tmp/foo
    rm: remove write-protected regular empty file `/tmp/foo'? y
    rm: cannot remove `/tmp/foo': Operation not permitted

I don't see "/tmp should be sticky" in FHS, but I think everyone
(maybe excepting some embedded systems) does it, don't they?

Seems like /tmp would be a *very* scary place without a sticky-bit....

-- 
"Don't be afraid to ask (λf.((λx.xx) (λr.f(rr))))."