Re: FHS compliance and UNIX sockets
- To: email@example.com
- Subject: Re: FHS compliance and UNIX sockets
- From: Brian May <firstname.lastname@example.org>
- Date: 02 Feb 2001 12:23:13 +1100
- Message-id: <email@example.com>
- In-reply-to: firstname.lastname@example.org's message of "2 Feb 01 01:20:15 GMT"
- References: <email@example.com> <200101290647.f0T6lbF28325@linda.lfix.co.uk> <20010129205852.D1255@azure.humbug.org.au> <20010129205948.B20839@holomorphy.com> <20010130065613.R686@justice.loyola.edu> <20010130142512.K24991@kitenet.net> <firstname.lastname@example.org> <email@example.com> <20010201162015.F6907@plato.local.lan>
>>>>> "Ethan" == Ethan Benson <firstname.lastname@example.org> writes:
Ethan> On Thu, Feb 01, 2001 at 10:52:11AM +1100, Brian May wrote:
>> where /tmp/user is owned by root, and a very simple setuid root
>> program does (translated to more appropriate language):
>> 1. mkdir /tmp/user/$UID
>> 2. chown $UID /tmp/user/$UID
>> Now, DOS is impossible.
Ethan> why make things setuid root unnecessarily? this small
Ethan> program can be simplified by making /tmp/user/ mode 1775
Ethan> root.tmp or somesuch. then the small helper only needs to
Ethan> be setgid tmp. you no longer have to worry about chown()
Ethan> that way either. if an exploit is found in this program
Ethan> you are no worse off than plain 1777 /tmp.
(I had a feeling setgid would be better, but didn't realize it would
be this much better.)
Brian May <email@example.com>
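
The setgid arrangement discussed above, sketched as an added example that is not code from the thread or from any Debian package. It assumes /tmp/user is mode 1775 root.tmp and the helper is installed setgid tmp; the name make_user_dir and the check on an already existing entry are assumptions of this sketch.

```c
#ifndef _XOPEN_SOURCE
#define _XOPEN_SOURCE 700            /* lstat(), setregid() */
#endif
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

#define USER_TMP_BASE "/tmp/user"    /* path from the thread; assumed 1775 root.tmp */

/* Create base/<uid> with mode 0700 (hypothetical helper). Returns 0 if the
 * directory was created or a directory owned by uid is already there, else -1. */
int make_user_dir(const char *base, uid_t uid, char *out, size_t outlen)
{
    struct stat st;
    int n = snprintf(out, outlen, "%s/%lu", base, (unsigned long)uid);
    if (n < 0 || (size_t)n >= outlen)
        return -1;                   /* path would be truncated */

    mode_t old = umask(0);           /* make the 0700 below exact */
    int rc = mkdir(out, 0700);       /* owned by the caller's euid: no chown() */
    int saved = errno;
    umask(old);
    if (rc == 0)
        return 0;
    if (saved != EEXIST)
        return -1;

    /* Something is already there: accept it only if it is a real directory
     * (lstat does not follow symlinks) owned by the requesting user. */
    if (lstat(out, &st) != 0 || !S_ISDIR(st.st_mode) || st.st_uid != uid)
        return -1;
    return 0;
}

int main(void)
{
    char path[4096];
    int rc = make_user_dir(USER_TMP_BASE, getuid(), path, sizeof path);

    /* Give up group tmp for good (real, effective and saved gid). */
    if (setregid(getgid(), getgid()) != 0)
        return EXIT_FAILURE;
    if (rc != 0)
        return EXIT_FAILURE;
    puts(path);                      /* caller can export this, e.g. as TMPDIR */
    return EXIT_SUCCESS;
}
```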