Re: FHS compliance and UNIX sockets

To: debian-devel@lists.debian.org
Subject: Re: FHS compliance and UNIX sockets
From: Herbert Xu <herbert@gondor.apana.org.au>
Date: Tue, 30 Jan 2001 19:59:03 +1100
Message-id: <[🔎] 200101300859.f0U8x3Y00447@gondor.apana.org.au>
In-reply-to: <aj@azure.humbug.org.au> <[🔎] 200101300114.f0U1E7728858@gondor.apana.org.au> <[🔎] 20010129163624.I10629@plato.local.lan>

Ethan Benson <erbenson@alaska.net> wrote:

> sorry but this is nuts, ssh-agent is not written to be a set[ug]id
> program, making it setuid would be dangerous.  it probably would not
> even function correctly. =20

So what? You can write in such a way that the first thing it does is to
create that directory and then immediately drop the privilege.  If you're
worried about giving users write permission under /var/run, just make the
socket there and forget about the directory.
-- 
Debian GNU/Linux 2.2 is out! ( http://www.debian.org/ )
Email:  Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Reply to:

References:
- Re: FHS compliance and UNIX sockets
  - From: Ethan Benson <erbenson@alaska.net>

Prev by Date: Re: debconf template update
Next by Date: Re: SSHd not respecting configuration in /etc
Previous by thread: Re: FHS compliance and UNIX sockets
Next by thread: Re: FHS compliance and UNIX sockets
Index(es):
- Date
- Thread