If you used ugidfw to prevent temp access to only the range of uid's you presently have, I'm thinking this should prevent an attacker from using /tmp to get around permissions restrictions. The question is, is there any kind of succint guide or list of what daemons need access to /tmp in order to function? Or do all daemons need this?

Paul Schmehl ([EMAIL PROTECTED])
Senior Information Security Analyst
The University of Texas at Dallas

freebsd-questions@freebsd.org mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to