I would like to propose using PrivateTmp for the dhcpd systemd unit file. This should make the use of the /tmp directory more secure and prevent users from being able to potentially affect it. http://fedoraproject.org/wiki/Features/ServicesPrivateTmp
Actually, it's only dhclient (dhclient-script) that uses /tmp. There's code in dhcpd that reads attributes of files in /tmp to generate semi-random data, but it doesn't seem to be used anyway. So I'm going to revert the change I already did and close this as NOTABUG.
Well, do any of the scripts do redirection within bash

command << _EOF
...
_EOF

Also can't dhclient-script execute custom scripts?
(In reply to comment #2)
> Well do any of the scripts to redirection within bash
>
> command << _EOF
> ...
> _EOF

Not sure whether this is what you are asking (if that was a question), but dhclient-script uses /tmp this way:

rscf="$(mktemp ${TMPDIR:-/tmp}/XXXXXX)"
echo "nameserver ${nameserver}" >> ${rscf}
change_resolv_conf ${rscf}
rm -f ${rscf}

change_resolv_conf is from /etc/sysconfig/network-scripts/network-functions and, for example, /etc/sysconfig/network-scripts/ifup-post uses it the same way.

> Also can't dhclient-script execute custom scripts?

Yes, it runs (if they exist)
/etc/dhcp/dhclient-enter-hooks
/etc/dhcp/dhclient-up-hooks
/etc/dhcp/dhclient-down-hooks
/etc/dhcp/dhclient-exit-hooks
/etc/dhcp/dhclient.d/*.sh
So why not be secure by default and not have to worry about users hacking something in here to break dhclient or get a privilege exploit?
I'm not sure I understand. There's no dhclient systemd unit to put PrivateTmp into. dhclient is started either by NetworkManager (NM) or by network-scripts. And in the case of NM, the dhclient-script is not even used because NM has its own "script" for dhclient.
I thought I checked that it had a systemd unit file. Sorry, never mind.