[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#620458: base-files: Please make /var/run world-writable and sticky, like /var/lock and /tmp

On Wed, 6 Apr 2011, Yaroslav Halchenko <debian@onerussian.com> wrote:
> sorry for a blunt follow-up -- wouldn't making /var/run writable by
> regular mortals  ask for security concerns if an attacker starts
> pre-creating files/pipes trying to steal the communications of
> daemons spawned by root or just ruin some data on the system by
> symlinking against root-owned files?

There have been security issues with daemons using /tmp for Unix domain 
sockets in the past.

My Main Blog         http://etbe.coker.com.au/
My Documents Blog    http://doc.coker.com.au/

Reply to: