Russell Coker russ...@coker.com.au writes:
On Wed, 6 Apr 2011, Yaroslav Halchenko deb...@onerussian.com wrote:
sorry for a blunt follow-up -- wouldn't making /var/run writable by
regular mortals ask for security concerns if an attacker starts
pre-creating files/pipes trying to steal the
Processing commands for cont...@bugs.debian.org:
reassign 620458 general
Bug #620458 [base-files] base-files: Please make /var/run world-writable and
sticky, like /var/lock and /tmp
Bug reassigned from package 'base-files' to 'general'.
Bug No longer marked as found in versions base-files/6.1.
reassign 620458 general
thanks
On Fri, 1 Apr 2011, Josh Triplett wrote:
Package: base-files
Version: 6.1
Severity: wishlist
/tmp and /var/lock currently allow writes by anyone, with the sticky bit
set to only allow removal by the owner. Please consider doing the same
for /var/run. That
Am 05.04.2011 17:30, schrieb Debian Bug Tracking System:
Processing commands for cont...@bugs.debian.org:
reassign 620458 general
Bug #620458 [base-files] base-files: Please make /var/run world-writable and
sticky, like /var/lock and /tmp
Bug reassigned from package 'base-files' to
On Apr 05, Michael Biebl bi...@debian.org wrote:
Very bad idea imho, I'm strongly against it.
The point of /run is not to create a second /tmp, where everyone can write
into.
Agreed, I really do not want to consider the security implications of a
world-writeable {,/var}/run.
Programs which
sorry for a blunt follow-up -- wouldn't making /var/run writable by
regular mortals ask for security concerns if an attacker starts
pre-creating files/pipes trying to steal the communications of
daemons spawned by root or just ruin some data on the system by
symlinking against root-owned files?
Am 05.04.2011 18:29, schrieb Marco d'Itri:
On Apr 05, Michael Biebl bi...@debian.org wrote:
Very bad idea imho, I'm strongly against it.
The point of /run is not to create a second /tmp, where everyone can write
into.
Agreed, I really do not want to consider the security implications of a
On Tue, 05 Apr 2011, Michael Biebl wrote:
Am 05.04.2011 17:30, schrieb Debian Bug Tracking System:
Processing commands for cont...@bugs.debian.org:
reassign 620458 general
Bug #620458 [base-files] base-files: Please make /var/run world-writable
and sticky, like /var/lock and /tmp
Am 05.04.2011 19:03, schrieb Don Armstrong:
On Tue, 05 Apr 2011, Michael Biebl wrote:
Am 05.04.2011 17:30, schrieb Debian Bug Tracking System:
Processing commands for cont...@bugs.debian.org:
reassign 620458 general
Bug #620458 [base-files] base-files: Please make /var/run world-writable
On Wed, 6 Apr 2011, Yaroslav Halchenko deb...@onerussian.com wrote:
sorry for a blunt follow-up -- wouldn't making /var/run writable by
regular mortals ask for security concerns if an attacker starts
pre-creating files/pipes trying to steal the communications of
daemons spawned by root or
10 matches
Mail list logo