Re: Whom the BIND newest vulnerability concerns?

To: tomek@lodz.tpsa.pl (Tomasz Papszun)
Cc: debian-devel@lists.debian.org
Subject: Re: Whom the BIND newest vulnerability concerns?
From: Herbert Xu <herbert@gondor.apana.org.au>
Date: Tue, 16 Nov 1999 21:51:24 +1100
Message-id: <199911161051.VAA24713@gondor.apana.org.au>
In-reply-to: <19991112140622.A30598@lodz.tpsa.pl> <19991116103516.D21681@lodz.tpsa.pl>

Tomasz Papszun <tomek@lodz.tpsa.pl> wrote:
>
> Theoritically, there could be some DoS-type interference - when one
> program would create a pid-file normally used by another program.
> But - as you pointed out - they usually run as root so they could do
> bigger damages if they were compromised, anyway.

Yes but when you do this, those daemons that are now group daemon and not run
as root can create pid files for all daemons with pid files in /var/run if
they haven't started yet.  IMHO this is undesirable and is easily avoided by
having a subdirectory.
-- 
Debian GNU/Linux 2.1 is out! ( http://www.debian.org/ )
Email:  Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Reply to:

Follow-Ups:
- Re: Whom the BIND newest vulnerability concerns?
  - From: Tomasz Papszun <tomek@lodz.tpsa.pl>

References:
- Re: Whom the BIND newest vulnerability concerns?
  - From: Tomasz Papszun <tomek@lodz.tpsa.pl>

Prev by Date: Re: Whom the BIND newest vulnerability concerns?
Next by Date: Re: Whom the BIND newest vulnerability concerns?
Previous by thread: Re: Whom the BIND newest vulnerability concerns?
Next by thread: Re: Whom the BIND newest vulnerability concerns?
Index(es):
- Date
- Thread