[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-devel
Subject: Re: One Way to Increase KDE security
From: Kevin Krammer <kevin.krammer () gmx ! at>
Date: 2005-12-27 19:27:28
Message-ID: 200512272027.35169.kevin.krammer () gmx ! at
[Download RAW message or body]
[Attachment #2 (multipart/signed)]
On Tuesday 27 December 2005 19:58, Dave Feustel wrote:
> 'threat' implies *potential* or *possible* damage. The unused socket could
> possibly be used to cause damage. I prefer to follow what I think is the
> OpenBSD philosophy and deal with a potential threat before it becomes
> manifest. But the semantic wrangling aside, I suspect we are on the same
> page.
Given that we are talking about OpenBSD, I find it highly unlikely that a
close unix domain socket can be used to break anything.
> For starters, start kde, do some things, exit kde, then do a find /tmp -ls.
> There always seem to be KDE sockets lying around. I have "export
> TMPDIR=/home/daf/Tmp" in my .profile (and do "rm -rf Tmp/*" after a kde
> session) but some KDE and XORG temp files are still put in /tmp. I now do
> "rm -rf /tmp/*" regularly to get rid of the files remaining.
Try KDETMP and KDEVARTMP according to the KDE sys admin documentation on
environment variables.
Cheers,
Kevin
--
Kevin Krammer <kevin.krammer@gmx.at>
Qt/KDE Developer, Debian User
Moderator: www.mrunix.de (German), www.qtforum.org
[Attachment #5 (application/pgp-signature)]
>> Visit http://mail.kde.org/mailman/listinfo/kde-devel#unsub to unsubscribe <<
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic