[prev in list] [next in list] [prev in thread] [next in thread]
List: wine-devel
Subject: Re: wineserver socket file and DOS attacks
From: Ove Kaaven <ovek () arcticnet ! no>
Date: 2008-04-30 19:08:37
Message-ID: 4818C3B5.9000008 () arcticnet ! no
[Download RAW message or body]
Maarten Lankhorst skrev:
> The latter won't work, they could create the directory and then delete
> it after wineserver started. I don't think it is really a problem, by
> the time someone else can put that directory in /tmp chances are that
> they can do a lot more malicious things then just making Wine refuse
> to run.
Like what? The UNIX user/permission system, including the sticky bit
used on /tmp, is supposed to protect local users against each other, but
this is contingent on files created in /tmp using unique names (like
what mktemp generates). There's very little else malicious people can do
if the system is otherwise properly set up in a secure fashion, and this
socket-in-/tmp thing sounds like a quite legitimate concern.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic