Re: FHS compliance and UNIX sockets
- To: debian-devel@lists.debian.org
- Subject: Re: FHS compliance and UNIX sockets
- From: Brian May <bam@debian.org>
- Date: 02 Feb 2001 12:23:13 +1100
- Message-id: <84lmrpx4hq.fsf@snoopy.apana.org.au>
- In-reply-to: erbenson@alaska.net's message of "2 Feb 01 01:20:15 GMT"
- References: <aj@azure.humbug.org.au> <200101290647.f0T6lbF28325@linda.lfix.co.uk> <20010129205852.D1255@azure.humbug.org.au> <20010129205948.B20839@holomorphy.com> <20010130065613.R686@justice.loyola.edu> <20010130142512.K24991@kitenet.net> <87u26g8wa7.fsf@manon.intern.opera.no> <848znrjn4k.fsf@snoopy.apana.org.au> <20010201162015.F6907@plato.local.lan>
>>>>> "Ethan" == Ethan Benson <erbenson@alaska.net> writes:
Ethan> On Thu, Feb 01, 2001 at 10:52:11AM +1100, Brian May wrote:
>> where /tmp/user is owned by root, and a very simple setuid root
>> program does (translated to more appropriate language):
>>
>> 1. mkdir /tmp/user/$UID
>> 2. chown $UID /tmp/user/$UID
>>
>> Now, DOS is impossible.
Ethan> why make things setuid root unnecessarily? this small
Ethan> program can be simplified by making /tmp/user/ mode 1775
Ethan> root.tmp or somesuch. then the small helper only needs to
Ethan> be setgid tmp. you no longer have to worry about chown()
Ethan> that way either. if an exploit is found in this program
Ethan> you are no worse off than plain 1777 /tmp.
Good point.
(I had a feeling setgid would be better, but didn't realize it would
be this much better.)
--
Brian May <bam@debian.org>
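
A sketch of the setgid helper discussed in this thread, added as an example and not code posted by either participant. It assumes /tmp/user is mode 1775 root.tmp and the binary is installed setgid tmp; the function name make_user_dir is hypothetical.

```c
#include <errno.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Create base/<uid> with mode 0700. Under a setgid-only helper the new
 * directory is owned by the caller's own uid, so no chown() is needed.
 * Returns 0 if the directory was created or already exists in a safe
 * state, -1 (with errno set) otherwise. */
int make_user_dir(const char *base, uid_t uid)
{
    char path[4096];
    struct stat st;
    int n = snprintf(path, sizeof path, "%s/%lu", base, (unsigned long)uid);
    if (n < 0 || (size_t)n >= sizeof path) { errno = ENAMETOOLONG; return -1; }

    mode_t old = umask(0);        /* make the 0700 below exact */
    int rc = mkdir(path, 0700);   /* never follows a symlink at path */
    int saved = errno;
    umask(old);
    if (rc == 0) return 0;
    if (saved != EEXIST) { errno = saved; return -1; }

    /* Something is already there: accept only a real directory owned by
     * uid with no group/other access. lstat() so a symlink is rejected. */
    if (lstat(path, &st) != 0) return -1;
    if (!S_ISDIR(st.st_mode) || st.st_uid != uid || (st.st_mode & 077)) {
        errno = EPERM;
        return -1;
    }
    return 0;
}

int main(void)
{
    /* /tmp/user is the directory named in the thread. */
    if (make_user_dir("/tmp/user", getuid()) != 0) {
        perror("make_user_dir");
        return 1;
    }
    /* Drop the tmp group as soon as the directory exists. */
    return setgid(getgid()) != 0;
}
```

The sticky bit on /tmp/user keeps other users from renaming or removing a directory they do not own, and the EEXIST branch refuses a pre-planted symlink or loosely permissioned directory.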