Re: Updating fis-gtm package to 6.1




On 02/08/2014 07:12 PM (US Eastern Time), Andreas Tille wrote:

[KSB] <...snip...>

       - The hard links are required, so we will add lintian
         exceptions for them.
I admit that I did not really get why they are "required" (I think
this was not answered by Bhaskar).  I think we should not override this
lintian warning and leave it as a reminder for further discussion.

[KSB] gtmsecshr is a program that is installed setuid root because there are functions it performs on behalf of normal processes (unlike many database engines, GT.M does not use a database daemon).  Details of these functions are in Appendix E (Security Philosophy) of the GT.M Administration and Operations Guide UNIX Edition (for all current GT.M documentation, go to http://fis-gtm.com and click on the User Documentation tab).

Since gtmsecshr is installed as setuid root, it has a number of checks to validate its invocation, including that it is being invoked from the GT.M distribution to which it belongs.  As there would be a vulnerability in the validation if the link were a symbolic link, it must be a hard link.  As the hard link is between the directories pointed to by $gtm_dist and $gtm_dist/utf8, and as the utf8 subdirectory is created as part of the GT.M installation, there is never a case where the utf8 subdirectory is on a different file system, and never a case where the symbolic link is appropriate.

Regards
-- Bhaskar

-- 
GT.M - Rock solid. Lightning fast. Secure. No compromises.
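The hard-link requirement above rests on one property: a hard link to gtmsecshr shares the device and inode of the real binary, while a symbolic link is a separate object whose target is controlled by whoever owns the link's directory. The following C is an added illustration of that distinction, not GT.M's own validation code; the function names, the verdict enum and the scratch directory under /tmp are assumptions made for the example.

```c
/* Added example (not GT.M's code): the kind of check a setuid helper can
 * make before trusting that it was launched from its own distribution.
 * lstat() does not follow symlinks, so a symlink is rejected outright;
 * a hard link is accepted only if (st_dev, st_ino) match the canonical copy. */
#define _DEFAULT_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

enum link_verdict { LINK_OK = 0, LINK_SYMLINK = 1, LINK_DIFFERENT_FILE = 2, LINK_MISSING = 3 };

/* Accept 'candidate' only if it is not a symlink and is the very same
 * file (same device and inode) as 'canonical'. */
enum link_verdict check_same_file(const char *canonical, const char *candidate)
{
    struct stat ref, cand;
    if (stat(canonical, &ref) != 0 || lstat(candidate, &cand) != 0)
        return LINK_MISSING;
    if (S_ISLNK(cand.st_mode))          /* lstat reports the link itself */
        return LINK_SYMLINK;
    if (cand.st_dev != ref.st_dev || cand.st_ino != ref.st_ino)
        return LINK_DIFFERENT_FILE;
    return LINK_OK;
}

/* Self-test: builds a constructed scratch "distribution" in a temp dir with
 * one real binary, a hard link and a symlink to it, and an unrelated file.
 * Returns 0 when every verdict is as expected, otherwise the failing check. */
int selftest(void)
{
    char dir[] = "/tmp/gtmlinkXXXXXX";   /* assumed writable scratch location */
    char real[64], hard[64], sym[64], other[64];
    int rc = 0;
    if (!mkdtemp(dir)) return -1;
    snprintf(real, sizeof real, "%s/gtmsecshr", dir);
    snprintf(hard, sizeof hard, "%s/hardlink", dir);
    snprintf(sym, sizeof sym, "%s/symlink", dir);
    snprintf(other, sizeof other, "%s/other", dir);
    FILE *f = fopen(real, "w"); if (f) fclose(f);
    f = fopen(other, "w"); if (f) fclose(f);
    if (link(real, hard) != 0 || symlink(real, sym) != 0) rc = -2;
    else if (check_same_file(real, hard) != LINK_OK) rc = 1;
    else if (check_same_file(real, sym) != LINK_SYMLINK) rc = 2;
    else if (check_same_file(real, other) != LINK_DIFFERENT_FILE) rc = 3;
    else if (check_same_file(real, "/nonexistent/x") != LINK_MISSING) rc = 4;
    unlink(hard); unlink(sym); unlink(other); unlink(real); rmdir(dir);
    return rc;
}
```

Run selftest() to see the four verdicts exercised; the inode comparison is what lets a hard link pass where a symlink, even one pointing at the right binary, does not.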
