I would like to prevent 2 non-root users on the same Linux system from sharing files with each other (via their use of /tmp). Is this possible somehow?
If I restrict /tmp to 0770 (root:root as the owner:group) and define a user-specific TMPDIR via an export TMPDIR=~/tmp; mkdir -p $TMPDIR early on in the boot process (say, via an rc[35].d script), then GConf2 starts having problems. A typical error I then get is:
/usr/libexec/gconf-sanity-check-2 exited with status 256
Everything seems to work fine in Run Level 3 (non-GUI)... though I could be wrong in concluding this prematurely, and problems could surface later in Run Level 3 as well.
My experience so far with TMPDIR seems to indicate that it is either broken, or is not sufficiently documented, or is not being embraced by all Gnome applications.
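The question's one-liner (export TMPDIR=~/tmp; mkdir -p $TMPDIR) has a quiet flaw that undermines the stated goal: mkdir -p inherits the current umask, so with the usual umask 022 the directory is created 0755 and every other local user can read it. The script below is an added example, not the asker's boot script, showing how to create a private per-user TMPDIR that is actually 0700, owned by the caller and not a symlink someone else planted. It assumes a POSIX shell on Linux with GNU coreutils (stat -c); the /etc/profile.d path in the usage comment is an assumption, not something from the original post.

```shell
#!/bin/sh
# Added example (not from the original post): create a private per-user
# TMPDIR safely. Assumes GNU coreutils for `stat -c`.

# setup_private_tmpdir HOME_DIR
# Creates HOME_DIR/tmp with mode 0700 and prints the path on success.
# Returns 1 and prints nothing if the path exists but is a symlink,
# is not a directory, or is not owned by the calling user.
setup_private_tmpdir() {
    dir="$1/tmp"
    # -L catches symlinks (including dangling ones); -e/-d catch a
    # pre-existing regular file or other non-directory at the path.
    if [ -L "$dir" ]; then
        echo "refusing to use $dir: it is a symlink" >&2
        return 1
    fi
    if [ -e "$dir" ] && [ ! -d "$dir" ]; then
        echo "refusing to use $dir: not a directory" >&2
        return 1
    fi
    # umask 077 inside a subshell makes mkdir create the directory 0700
    # regardless of the caller's umask, without changing the caller's umask.
    (umask 077 && mkdir -p "$dir") || return 1
    # An already-existing directory keeps its old mode, so tighten it
    # explicitly rather than trusting whatever is there.
    chmod 0700 "$dir" || return 1
    # Ownership check: a directory owned by someone else could be shared
    # or swapped out from under us.
    if [ "$(stat -c '%u' "$dir")" != "$(id -u)" ]; then
        echo "refusing to use $dir: owned by another user" >&2
        return 1
    fi
    printf '%s\n' "$dir"
}

# tmpdir_mode DIR -> octal permission bits of DIR, e.g. 700
tmpdir_mode() {
    stat -c '%a' "$1"
}

# Usage from a per-user login script, for example an (assumed) file
# /etc/profile.d/private-tmp.sh:
#   if t=$(setup_private_tmpdir "$HOME"); then export TMPDIR="$t"; fi
```

Two design points: the setup runs at login rather than from an rc script, because an environment variable exported by a boot-time rc script never reaches the user's session anyway; and the function fails closed, leaving TMPDIR unset (so programs fall back to /tmp) rather than pointing it at a directory whose ownership or type it could not verify.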
This would be an extremely bad idea. It violates an extremely widespread (pervasive) and long-standing (as in "from time immemorial") set of assumptions that's likely to be ingrained in a great many applications and utilities.
You'd be far better off creating chroot jails or virtual subsystems and confining these users that way, rather than trying to simply lock them out of /tmp.
TMPDIR is only a convention, not a standard. UNIX/Linux programs are free to honor or not at the whims of their authors and maintainers.
Bad idea, as others pointed out. You can use ACLs to get a similar result:
Don't get me wrong. The ACL will break things too, if not now then in the future, but the impact will hopefully be somewhat limited. At a minimum I would test whether I can still (1) back up, (2) restore, and (3) patch the system after these changes.
I don't think it is a good idea to change the /tmp permissions. Many applications create temporary files under /tmp, and they are not necessarily running with root privileges. So you will break them if you do so.