On Wed, 6 Apr 2011, Yaroslav Halchenko <deb...@onerussian.com> wrote: > sorry for a blunt follow-up -- wouldn't making /var/run writable by > regular mortals ask for security concerns if an attacker starts > pre-creating files/pipes trying to steal the communications of > daemons spawned by root or just ruin some data on the system by > symlinking against root-owned files?
There have been security issues with daemons using /tmp for Unix domain sockets in the past. -- My Main Blog http://etbe.coker.com.au/ My Documents Blog http://doc.coker.com.au/ -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/201104060748.16848.russ...@coker.com.au
