On Mon, 2008-05-05 at 09:11 +0200, Marcus Meissner wrote: > On Mon, May 05, 2008 at 08:47:52AM +0200, Francois Gouget wrote: > > > > In /tmp I see the following: > > > > .X0-lock > > .X11-unix/ > > fgouget/ > > gconfd-fgouget/ > > vmware-fgouget/ > > xmms_fgouget.0 > > > > So it seems like if there is a malicious user Wine will not be the only > > application that will be affected. So the question is: are all these > > apps susceptible to DoS or do they avoid DoS somehow? And if they > > prevent DoS, how and is that technique applicable to Wine? > > For gconfd-* gconfd2 creates secondary directories if one is present > (and checks if its there). > > .X11-unix/ is on suse created during install at least, so no problem. > > No idea about the others.
Good question about other socket files. I wasn't able to get gconfd to create secondary files, so creating /tmp/gconfd-<user name> as another user broke gconf-editor for me. The .X* files should not be a problem if the X server is started when the system boots. But if the system boots up in text mode it's possible to stop the X server from being started manually (startx) by creating those directories and by putting bad files in them. -- ----------------------------------------------------------------------- | Steven Elliott | [EMAIL PROTECTED] | -----------------------------------------------------------------------