[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#620458: marked as done (base-files: Please make /var/run world-writable and sticky, like /var/lock and /tmp)

Your message dated Sat, 9 Apr 2011 10:00:13 +0200
with message-id <201104091000.14422.holger@layer-acht.org>
and subject line Re: Processed: Re: Bug#620458: base-files: Please make /var/run world-writable and sticky, like /var/lock and /tmp
has caused the Debian Bug report #620458,
regarding base-files: Please make /var/run world-writable and sticky, like /var/lock and /tmp
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org

620458: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=620458
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: base-files
Version: 6.1
Severity: wishlist

/tmp and /var/lock currently allow writes by anyone, with the sticky bit
set to only allow removal by the owner.  Please consider doing the same
for /var/run.  That would allow daemons run as non-root users (including
those run as part of user sessions) to put their sockets in /var/run.

Josh Triplett

-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.38-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages base-files depends on:
ii  gawk [awk]                1:3.1.7.dfsg-5 GNU awk, a pattern scanning and pr
ii  mawk [awk]                1.3.3-15       a pattern scanning and text proces

base-files recommends no packages.

base-files suggests no packages.

-- no debconf information

--- End Message ---
--- Begin Message ---

On Dienstag, 5. April 2011, Marco d'Itri wrote:
> On Apr 05, Michael Biebl <biebl@debian.org> wrote:
> > Very bad idea imho, I'm strongly against it.
> > The point of /run is not to create a second /tmp, where everyone can
> > write into.
> Agreed, I really do not want to consider the security implications of a
> world-writeable {,/var}/run.
> Programs which use /run are supposed to use a subdirectory anyway.

Agreed, thus closing.


Attachment: signature.asc
Description: This is a digitally signed message part.

--- End Message ---

Reply to: