On Sat, Sep 09, 2000 at 01:16:19PM +1100, CaT wrote:
>
> For my system:
>
> [13:09:22] root@nessie:/root>> find /var -perm +o+w -mount
> [13:09:26] root@nessie:/root>>
>
> I've not had problems. :)

you have removed /var/lock? and i presume made /var/tmp its own
partition.

> Still, why does /var/lib/texmf/* need to be publicly writeable?

design flaws in tetex. see the BTS for a long discussion about it.
it's not trivial to fix unfortunately.

> That's a package I don't have installed.

most people do since it's priority standard.

> > if you're worried about users messing with /var put quotas on /var.
>
> If that's the only solution then yes, but why do we need global
> write access to /var in the first place?

/var/lock i am not sure about, i don't usually see anything in there,
though right now i see a

-rw-r--r-- 1 root root 11 Sep 8 18:10 LCK..ttyS0

which belongs to pppd, but it runs as root.
/var/lock is cleaned on boot.

> > more headaches for /tmp cleaners and it does not solve any of the
> > above problems. to solve the above problems enforce quotas on /var
>
> Well it does... Logging will go on etc. As for /tmp cleaners, something
> like tmpwatch is a good start, but it'd be nice if it had an exclusion
> list to the global timeout. It'd make it much more useful. :)

like this (from /etc/cron.daily/tmpreaper):

# ! Important ! Please read the manual regarding the --protect option.
# The pattern *MUST* be surrounded by single quotes.
nice -n10 tmpreaper --mtime-dir --symlinks 7d \
--protect '/tmp/.X*-{lock,unix,unix/*}' \
--protect '/tmp/.ICE-{unix,unix/*}' \
--protect '/tmp/.iroha_{unix,unix/*}' \
--protect '/tmp/.ki2-{unix,unix/*}' \
--protect '/tmp/.font-unix' \
--protect '/tmp/lost+found' \
--protect '/tmp/quota.user' \
--protect '/tmp/quota.group' \
/tmp

still i don't think it's good to overload /tmp with this kind of
garbage more than necessary or that list could get ridiculous.
FHS may answer some of these questions too.
--
Ethan Benson
http://www.alaska.net/~erbenson/
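
Added example, not part of the original message: a small audit in the spirit of the `find /var -perm +o+w -mount` check quoted above. It separates sticky world-writable directories from non-sticky ones and from world-writable files. The function name `audit_world_writable` and the output labels are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread): classify world-writable entries
# under a directory tree without crossing filesystem boundaries.
# Assumption: path names contain no newlines (output is line-based).

audit_world_writable() {
    root=$1

    # -xdev keeps find on one filesystem, like -mount in the thread.
    # -perm -0002 matches entries with the "other write" bit set; it is the
    # portable form of the old "-perm +o+w", which current GNU find rejects.

    # World-writable directory WITHOUT the sticky bit: any user can delete
    # or replace entries that belong to someone else.
    find "$root" -xdev -type d -perm -0002 ! -perm -1000 -print |
        sed 's/^/OPEN-DIR /'

    # World-writable directory WITH the sticky bit (the /tmp model): users
    # can create entries but only remove their own. Still a disk-filling
    # vector, which is what the quota suggestion addresses.
    find "$root" -xdev -type d -perm -1002 -print |
        sed 's/^/STICKY-DIR /'

    # World-writable non-directories. Symlinks are skipped because their
    # own mode bits are not meaningful.
    find "$root" -xdev ! -type d ! -type l -perm -0002 -print |
        sed 's/^/OPEN-FILE /'
}

# Usage: sh audit.sh /var
if [ "$#" -gt 0 ]; then
    audit_world_writable "$1"
fi
```

An empty result corresponds to the clean `find` run shown at the top of the message.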