On Wed, 31 Jan 2001, Herbert Xu wrote: > Michael Stone <mstone@debian.org> wrote: > > On Mon, Jan 29, 2001 at 08:59:48PM -0800, William Lee Irwin III wrote: > >> The /var/run/$USER idea seems fine to me, what sort of trouble does > >> that run into (aside from not addressing IPC between programs with > >> different uid's)? > > > It buys absolutely nothing that you couldn't get with per-user tmpdirs, > > and further pollutes /var. > > It prevents simple DOS's for one, it also means that your average /tmp > security hole may be harder to exploit. /var/run/$USER under ext2 and a LOT of users can easily become a DoS attack in itself... -- "One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie." -- The Silicon Valley Tarot Henrique Holschuh
Attachment:
pgphPPkfbtAXk.pgp
Description: PGP signature