Re: FHS compliance and UNIX sockets
- To: debian-devel@lists.debian.org
- Subject: Re: FHS compliance and UNIX sockets
- From: Ethan Benson <erbenson@alaska.net>
- Date: Thu, 1 Feb 2001 16:20:15 -0900
- Message-id: <20010201162015.F6907@plato.local.lan>
- Mail-followup-to: debian-devel@lists.debian.org
- In-reply-to: <848znrjn4k.fsf@snoopy.apana.org.au>; from bam@debian.org on Thu, Feb 01, 2001 at 10:52:11AM +1100
- References: <aj@azure.humbug.org.au> <200101290647.f0T6lbF28325@linda.lfix.co.uk> <20010129205852.D1255@azure.humbug.org.au> <20010129205948.B20839@holomorphy.com> <20010130065613.R686@justice.loyola.edu> <20010130142512.K24991@kitenet.net> <87u26g8wa7.fsf@manon.intern.opera.no> <848znrjn4k.fsf@snoopy.apana.org.au>
On Thu, Feb 01, 2001 at 10:52:11AM +1100, Brian May wrote:
> where /tmp/user is owned by root, and a very simple setuid root program
> does (translated to more appropriate language):
>
> 1. mkdir /tmp/user/$UID
> 2. chown $UID /tmp/user/$UID
>
> Now, DOS is impossible.
why make things setuid root unnecessarily? this small program can be
simplified by making /tmp/user/ mode 1775 root.tmp or somesuch. then
the small helper only needs to be setgid tmp. you no longer have to
worry about chown() that way either. if an exploit is found in this
program you are no worse off than plain 1777 /tmp.
--
Ethan Benson
http://www.alaska.net/~erbenson/
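A sketch of the setgid helper described in the message above, added here as an example and not code from the thread. It assumes /tmp/user is mode 1775 root:tmp and the binary is installed setgid tmp; the function name `make_user_dir` and the checks on a pre-existing entry (no symlink, owned by the caller, no group/other access) are assumptions of this example.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Create base/<uid> with mode 0700, or accept an existing entry only if it
 * is a real directory owned by uid with no group/other access.
 * Returns 0 on success, -1 on refusal or error. (Hypothetical helper.) */
int make_user_dir(const char *base, uid_t uid, char *out, size_t outlen)
{
    struct stat st;
    int n = snprintf(out, outlen, "%s/%lu", base, (unsigned long)uid);

    if (n < 0 || (size_t)n >= outlen)
        return -1;
    umask(077); /* the requested 0700 must not depend on the caller's umask */
    /* Write access to base comes from the effective group (tmp). The new
     * directory is owned by the calling user, so no chown() is needed. */
    if (mkdir(out, 0700) != 0 && errno != EEXIST)
        return -1;
    /* lstat, not stat: a symlink planted under this name is not followed. */
    if (lstat(out, &st) != 0 || !S_ISDIR(st.st_mode))
        return -1;
    if (st.st_uid != uid || (st.st_mode & 077) != 0)
        return -1;
    return 0;
}

int main(void)
{
    char path[256];
    int rc = make_user_dir("/tmp/user", getuid(), path, sizeof path);

    /* Drop the setgid group as soon as the one privileged call is done. */
    if (setgid(getgid()) != 0)
        return 2;
    if (rc != 0) {
        fprintf(stderr, "refusing to use %s\n", path);
        return 1;
    }
    puts(path);
    return 0;
}
```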