[Info-vax] DCL enhancements

[Stephen Hoffman]

On 2021-01-25 20:27:12 +0000, Craig A. Berry said:

> It's probably a better default than dumping everything in a 
> world-writable /tmp, which I'm pretty sure was the contemporary 
> solution on other systems at the time VMS made SYS$LOGIN the default. 
> But yes, it would be nice if 40 years on someone had gotten around to 
> secure, configurable, auto-purging scratch space that didn't drop 
> things in the user's home directory.

The present design and present default is just hilarious.

I appreciate what's here with file versions and temporaries, were we 
still in ~1980, with ~1980 hardware and software constraints and 
expectations.

As a replacement, random process-local or job-local tmp path (e.g. 
CPRNG) with default subdirectory protections set to constrain 
badly-chosen file protections should suffice.

That tmp path could be within the user's own path (which somewhat 
reduces the security concerns), or in a group- or system- or 
cluster-wide shared temporary storage area elsewhere.

Mistakes here are far too easy, examples and docs problematic, and the 
whole thing is seemingly built to add more work on the developer and/or 
system administrator.

Put differently, temporary files and log files are just scattered all 
over the place. In users' directories, in SYS$MANAGER:, hidden within 
the file system, delete-on-close files, etc.

On your average OpenVMS system, there's trash all over the place. With 
some sites, more than a little of the trash is decades-old lower file 
versions.


-- 
Pure Personal Opinion | HoffmanLabs LLC