[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: FHS compliance and UNIX sockets

On Mon, Jan 29, 2001 at 06:58:11PM +1100, Brian May wrote:

> >>>>> "Matt" == Matt Zimmerman <mdz@debian.org> writes:
>     Matt> /dev/log and /tmp/.X11-unix, at least, must at least be
>     Matt> replaced by symlinks, as statically linked software will
>     Matt> look for them there, including many chrooted daemon
>     Matt> programs.
> Do these programs (that access /tmp/.X11-unix) really accept
> symlinks?
> (if they do then that is a potential security bug - the sym-link could
> point anywhere)

How is that different from the current situation?  Anyone could create
/tmp/.X11-unix, since /tmp is world-writable.  In the case of /dev/log, only
root could create a symlink there.

 - mdz

Reply to: