[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: RFD: use transient /var/run (tmpfs) or not?

> On Tue, 21 Sep 2004 21:37, Matus UHLAR - fantomas <uhlar@fantomas.sk> wrote:
> > startup scripts in /etc/rc?.d run as root and have privileges to
> > mkdir/chown/chmod the directory.
> >
> > So the problem will only be, when user will wants to start it manually.
> > But running startup script via sudo (or its alternative) is imho better
> > than executing daemon manually, so I see no problem here.

On 25.09 01:12, Russell Coker wrote:
> The problem is that many daemons want/need to create files under
> /var/run.  So those daemons have write access to /var/run for whatever
> they want to create.
> If an attacker knows of a security hole in one of the daemons that
> starts early in the boot sequence they could make it create files or
> directories of the names that match those which are used by daemons
> started later in the boot sequence.

Pardon me, but: if /var/run is writable only by root (it should),
no attacker without root privileges is able to create a sudirectory in it.

And, if attacker can have access to /var/run before the startup scripts
finish, something is wrong there, isn't it?

Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Atheism is a non-prophet organization. 

Reply to: