[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: denial of service attack for X/esound?


What about protecting .esd in a manner similar to {x,g,w,k}dm, by starting
it at boot, or having {x,g,w,k}dm start it?

Granted, this doesn't solve the underlying problem (which is that
.X11-unix and .esd are in /tmp, which is bad; they should probably be
somewhere in /var), but it _does_ make life easier for admins of
multi-user systems. Nobody lets ordinary users run startx, anyway. :)



Version: 3.12
GCM d- s:+ a--- C++++ UL++++ P L+++ E W++ N o-- K- w
O--- M- V- PS+ PE- Y PGP t+ 5 X- R tv+ b DI--- D+
G e-- h++ r--- y

On 16 Feb 2000, Brian May wrote:

> >>>>> "Peter" == Peter Cordes <peter@llama.nslug.ns.ca> writes:
>     Peter>  Oh... even better idea: bootmisc.sh could check for the
>     Peter> existence of /tmp/.X11-unix before cleaning out /tmp.  If
>     Peter> it exists, then it is recreated with mode 1777
> This would be better. However, it still doesn't solve the initial
> problem I had where the previous user still owned /tmp/.esd/socket,
> denying me access ;-(. (unless you reboot...).
> -- 
> Brian May <bam@debian.org>
> --  
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to: