Re: Bug#620458: base-files: Please make /var/run world-writable and sticky, like /var/lock and /tmp
On Wed, 6 Apr 2011, Yaroslav Halchenko <email@example.com> wrote:
> sorry for a blunt follow-up -- wouldn't making /var/run writable by
> regular mortals ask for security concerns if an attacker starts
> pre-creating files/pipes trying to steal the communications of
> daemons spawned by root or just ruin some data on the system by
> symlinking against root-owned files?
There have been security issues with daemons using /tmp for Unix domain
sockets in the past.
My Main Blog http://etbe.coker.com.au/
My Documents Blog http://doc.coker.com.au/