Re: Bug#556522: hurd - using the login shell is insecure
On Wed, Nov 18, 2009 at 01:20:33AM +0100, Samuel Thibault wrote:
> olafBuddenhagen@gmx.net, le Tue 17 Nov 2009 01:23:02 +0100, a écrit :
> > On Mon, Nov 16, 2009 at 03:27:45PM +0100, Bastian Blank wrote:
> > actually the access of the login shell is controlled by the
> > "unknown" permissions -- a special fourth set of file permission
> > bits.
> Which still permits to fill /tmp with files,
Well, depends on u's permissions on /tmp... :-)
I agree though that it's not really possible to make this safe, with the
current state of affairs.