1 files changed, 22 insertions, 0 deletions

diff --git a/issues/genenetwork/handle-tmp-dirs-in-container.gmi b/issues/genenetwork/handle-tmp-dirs-in-container.gmi
new file mode 100644
index 0000000..5f6eb92
--- /dev/null
+++ b/issues/genenetwork/handle-tmp-dirs-in-container.gmi
@@ -0,0 +1,22 @@
+# Handle Temporary Directories in the Container
+
+## Tags
+
+* type: feature
+* assigned: fredm
+* priority: critical
+* status: closed, completed
+* keywords: production, container, tux04
+* interested: alexk, aruni, bonfacem, pjotrp, zsloan
+
+## Description
+
+The container's temporary directories should be in a large partition on the host to avoid a scenario where the writes fill up one of the smaller drives.
+
+Currently, we use the `/tmp` directory by default, but we should look into transitioning away from that — `/tmp` is world readable and world writable and therefore needs careful consideration to keep safe.
+
+Thankfully, we are running our systems within a container, and can bind the container's `/tmp` directory to a non-world-accessible directory, keeping things at least contained.
+
+### Fixes
+
+=> https://git.genenetwork.org/gn-machines/commit/?id=7306f1127df9d4193adfbfa51295615f13d32b55