[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#620458: base-files: Please make /var/run world-writable and sticky, like /var/lock and /tmp

Russell Coker <russell@coker.com.au> writes:

> On Wed, 6 Apr 2011, Yaroslav Halchenko <debian@onerussian.com> wrote:
>> sorry for a blunt follow-up -- wouldn't making /var/run writable by
>> regular mortals  ask for security concerns if an attacker starts
>> pre-creating files/pipes trying to steal the communications of
>> daemons spawned by root or just ruin some data on the system by
>> symlinking against root-owned files?
>
> There have been security issues with daemons using /tmp for Unix domain 
> sockets in the past.

And the same issues would happen in /var/run. A different base path
doesn't make security bugs disapear.

MfG
        Goswin
Reply to: