Re: possible security flaw in screen 3.9.5-9
On Fri, Sep 08, 2000 at 05:52:42PM -0800, Ethan Benson wrote:
> On Sat, Sep 09, 2000 at 12:00:19AM +1100, CaT wrote:
> > What screen does there is to create subdirs which are then used
> > to hold a users pipes. Now these subdirs are owned by the user
> > that runs screen. The hassle with this is that it gives the user
> > a. a possible way around quotas set on /home b. a method of fully
> > filling up /var, thereby potentially causing log entries to be
> > lost which, in turn, gives the user anice, untracable way of then
> > doing naughty things without those naughty things getting logged.
> > Said user can then rm the large file they created and noone would
> > be any the wiser.
>
> users have write permission to /var unless you really make alot of
> changes, on my system i have:
>
> /var/lock
> /var/tmp ## for me this is a sep partition
> /var/lib/texmf/*
> /var/mail/user
For my system:
[13:09:22] root@nessie:/root>> find /var -perm +o+w -mount
[13:09:26] root@nessie:/root>>
I've not had problems. :)
Still, why does /var/lib/texmf/* need to be publically writeable?
That's a package I don't have installed.
> if your worried about users messing with /var put quotas on /var.
If that's the only solution then yes, but why do we need global
write access to /var in the first place?
> > As such I reckon it's best if the screen directory is left in
> > /tmp where the authors initially put it. It's inconvenient but
> > doesn't cause the problems above.
>
> more headaches for /tmp cleaners and it does not solve any of the
> above problems. to solve the above problems enforce quotas on /var
Well it does... Logging will go on etc. As for /tmp cleaners, somehting
like tmpwatch is a good start, but it'd be nice if it had an exclusion
list to the global timeout. It'd make it much more useful. :)
--
CaT (cat@zip.com.au)
'He had position, but I was determined to score.'
-- Worf, DS9, Season 5: 'Let He Who Is Without Sin...'
Reply to: