Re: Bug#620458: base-files: Please make /var/run world-writable and sticky, like /var/lock and /tmp

To: debian-devel@lists.debian.org, Yaroslav Halchenko <debian@onerussian.com>, 620458@bugs.debian.org
Subject: Re: Bug#620458: base-files: Please make /var/run world-writable and sticky, like /var/lock and /tmp
From: Russell Coker <russell@coker.com.au>
Date: Wed, 6 Apr 2011 07:48:16 +1000
Message-id: <[🔎] 201104060748.16848.russell@coker.com.au>
Reply-to: russell@coker.com.au
In-reply-to: <[🔎] 20110405163159.GT6199@onerussian.com>
References: <20110402011125.9554.78181.reportbug@feather> <[🔎] alpine.DEB.2.00.1104051722280.21245@cantor.unex.es> <[🔎] 20110405163159.GT6199@onerussian.com>

On Wed, 6 Apr 2011, Yaroslav Halchenko <debian@onerussian.com> wrote:
> sorry for a blunt follow-up -- wouldn't making /var/run writable by
> regular mortals  ask for security concerns if an attacker starts
> pre-creating files/pipes trying to steal the communications of
> daemons spawned by root or just ruin some data on the system by
> symlinking against root-owned files?

There have been security issues with daemons using /tmp for Unix domain 
sockets in the past.

-- 
My Main Blog         http://etbe.coker.com.au/
My Documents Blog    http://doc.coker.com.au/

Reply to:

Follow-Ups:
- Re: Bug#620458: base-files: Please make /var/run world-writable and sticky, like /var/lock and /tmp
  - From: Goswin von Brederlow <goswin-v-b@web.de>

References:
- Bug#620458: base-files: Please make /var/run world-writable and sticky, like /var/lock and /tmp
  - From: Santiago Vila <sanvila@unex.es>
- Bug#620458: base-files: Please make /var/run world-writable and sticky, like /var/lock and /tmp
  - From: Yaroslav Halchenko <debian@onerussian.com>

Prev by Date: Re: Bug#620993: closed by Ben Hutchings <ben@decadent.org.uk> (Re: Bug#620993: general: Lenny 2.6.26-2 has noticably increased swap usage, tho not swap thrashing)
Next by Date: Bug#620993: closed by Ben Hutchings <ben@decadent.org.uk> (Re: Bug#620993: general: Lenny 2.6.26-2 has noticably increased swap usage, tho not swap thrashing)
Previous by thread: Bug#620458: base-files: Please make /var/run world-writable and sticky, like /var/lock and /tmp
Next by thread: Re: Bug#620458: base-files: Please make /var/run world-writable and sticky, like /var/lock and /tmp
Index(es):
- Date
- Thread