[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: FHS compliance and UNIX sockets



On Thu, Feb 01, 2001 at 10:52:11AM +1100, Brian May wrote:
> where /tmp/user is owned by root, and a very simply setuid root program
> does (translated to more appropriate language):
> 
> 1. mkdir /tmp/user/$UID
> 2. chown $UID /tmp/user/$UID
> 
> Now, DOS is impossible.

why make things setuid root unecessarily?  this small program can be
simplified by making /tmp/user/ mode 1775 root.tmp or somesuch.  then
the small helper only needs to be setgid tmp.  you no longer have to
worry about chown() that way either.  if an exploit is found in this
program you are no worse off then plain 1777 /tmp. 

-- 
Ethan Benson
http://www.alaska.net/~erbenson/

Attachment: pgpBXXQ9tCUlf.pgp
Description: PGP signature


Reply to: