Re: RFD: use transient /var/run (tmpfs) or not?
> On Tue, 21 Sep 2004 21:37, Matus UHLAR - fantomas <uhlar@fantomas.sk> wrote:
> > startup scripts in /etc/rc?.d run as root and have privileges to
> > mkdir/chown/chmod the directory.
> >
> > So the problem will only be, when user will wants to start it manually.
> > But running startup script via sudo (or its alternative) is imho better
> > than executing daemon manually, so I see no problem here.
On 25.09 01:12, Russell Coker wrote:
> The problem is that many daemons want/need to create files under
> /var/run. So those daemons have write access to /var/run for whatever
> they want to create.
>
> If an attacker knows of a security hole in one of the daemons that
> starts early in the boot sequence they could make it create files or
> directories of the names that match those which are used by daemons
> started later in the boot sequence.
Pardon me, but: if /var/run is writable only by root (it should),
no attacker without root privileges is able to create a sudirectory in it.
And, if attacker can have access to /var/run before the startup scripts
finish, something is wrong there, isn't it?
--
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Atheism is a non-prophet organization.
Reply to: