On Tue, 27 Dec 2005, Ted Unangst wrote:

> On 12/27/05, Otto Moerbeek <[EMAIL PROTECTED]> wrote:
> > On Tue, 27 Dec 2005, Dave Feustel wrote:
> >
> > > by KDE are root-owned and world rw. There is also a problem with the socket
> > > /tmp/.X11-unix/X0. This is documented on the web and even in an OpenBSD
> > > presentation on XFree86 from about 2002.
> >
> > Dunno about KDE but can you elaborate or give refs why having a world
> > writable unix domain socket is considered a problem?
> 
> this is obviously a source of confusion.  the permissions on a socket
> mean *nothing*.  anyone can open any socket regardless of permissions,
> so long as they have necessary directory permissions to find it.

That used to be the case. But since quite some time, you'll need
write permission to open a unix domain socket.

http://www.openbsd.org/cgi-bin/cvsweb/src/sys/kern/uipc_usrreq.c?rev=1.2&content-type=text/x-cvsweb-markup

        -Otto
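
The check described in the reply above can be observed directly. The following is an added example, not part of the original message or of the OpenBSD source: it binds a stream socket in a scratch directory, changes its mode, and reports whether connect() is allowed. The function name `connect_errno` and the scratch path are assumptions; Linux documents the same write-permission rule in unix(7), and a privileged user bypasses the check.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/un.h>
#include <unistd.h>

/* Bind a listening AF_UNIX socket in a private temp dir, chmod it to `mode`,
 * then try to connect to it. Returns 0 if connect() succeeds, otherwise the
 * errno of the first call that failed. (Hypothetical helper for this example.) */
int connect_errno(mode_t mode)
{
    char dir[] = "/tmp/sockperm.XXXXXX";   /* constructed scratch path */
    struct sockaddr_un sa;
    int srv, cli, rc;

    if (mkdtemp(dir) == NULL)
        return errno;
    memset(&sa, 0, sizeof(sa));
    sa.sun_family = AF_UNIX;
    snprintf(sa.sun_path, sizeof(sa.sun_path), "%s/s", dir);

    srv = socket(AF_UNIX, SOCK_STREAM, 0);
    cli = socket(AF_UNIX, SOCK_STREAM, 0);
    if (srv < 0 || cli < 0 ||
        bind(srv, (struct sockaddr *)&sa, sizeof(sa)) < 0 ||
        listen(srv, 1) < 0 ||
        chmod(sa.sun_path, mode) < 0)      /* set the socket file's mode */
        rc = errno;
    else                                   /* the permission check happens here */
        rc = connect(cli, (struct sockaddr *)&sa, sizeof(sa)) < 0 ? errno : 0;

    if (srv >= 0) close(srv);
    if (cli >= 0) close(cli);
    unlink(sa.sun_path);
    rmdir(dir);
    return rc;
}

int main(void)
{
    /* Writable socket: connect is allowed. */
    printf("mode 0666: %s\n", strerror(connect_errno(0666)));
    /* No write bit: an unprivileged connect is refused with EACCES. */
    printf("mode 0444: %s\n", strerror(connect_errno(0444)));
    return 0;
}
```

Run it as an unprivileged user; as root both cases succeed because the permission check is overridden.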
