On Fri, Jun 22, 2007 at 05:17:25PM -0700, ottomeister wrote:
> On 6/22/07, Gary Mills <[EMAIL PROTECTED]> wrote:
> >On Fri, Jun 22, 2007 at 12:34:23PM -0700, ottomeister wrote:
> >> On 6/21/07, Asad Memon <[EMAIL PROTECTED]> wrote:
> >> My guess is that someone removed the SRSS directories
> >> below /tmp/SUNWut, and/or possibly below /var/opt/SUNWut.
> >
> >It would be really nice if SRSS would create those files someplace
> >other than in /tmp. /var/run would be better, for example.
>
> This is CR 4525266. It was opened as a low priority request
> (basically a "nice to have", not a "need to have") so there's
> always been something more pressing to work on. As usual,
> if customers tell Sun that this issue is important then there's
> more chance that someone will get assigned to work on it.

Do I need to open a support case to do this?

> Personally I'm not keen on /var/run as the new location.
> I think of that more as a scratch area for system (root- or
> daemon-owned) stuff. I'd prefer to mount a separate
> tmpfs at some new location, maybe someplace below
> /var/opt.

That would be fine with me as well.

> >We normally mount /tmp with the nosuid option as a security precaution;
> >this prevents the Sun Ray audio devices from working.
>
> Solaris now differentiates between setid-executable and
> device-node access, so if you're really only worried about
> setid executables appearing in /tmp you could use
> 'nosetuid' rather than 'nosuid' to let the audio devices
> work. Or is it that you don't want to allow devices in /tmp
> at all but would be willing to allow them in an
> SRSS-managed mount at some other location?

Our policy is `no setuid execution and no devices on filesystems that
contain user-writable directories'. So, this includes /tmp, /var, and
home directories. It's an attempt to prevent some types of privilege
escalation attacks.

> >We also
> >normally remove day-old files in /tmp to prevent users from using
> >it for storage of files. Clever users could create directories
> >called SUNWut to get around this procedure.
>
> You could deal with that by taking into account that the
> SRSS-created /tmp/SUNWut is owned by root. I think the
> only not-a-device things below /tmp/SUNWut that aren't
> owned by root are the mount directories for mass storage
> devices, and any files that are on mounted mass storage
> devices.
>
> I suppose that if you want to prevent people from storing
> long-term files in the SUNWut device/mount tree,
> regardless of where it might be rooted, then your tidy
> script should walk the SRSS mountpoint parent
> directories while taking care to not descend through a
> mount point and start removing files from someone's
> personal USB flash gizmo.

That makes it rather complicated.
Our users are not as clever at hiding things as they used to be.
The main thing that happens now is that people follow instructions
that tell them to create files in /tmp, not realizing that it's a
memory-based filesystem on Solaris, and that its size is limited on
our systems. The cleanup script doesn't need to be as diligent as
it did in the past, although it still needs to be careful.

-- 
-Gary Mills-    -Unix Support-    -U of M Academic Computing and Networking-
_______________________________________________
SunRay-Users mailing list
[email protected]
http://www.filibeto.org/mailman/listinfo/sunray-users
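
The cleanup discussed in this thread, sketched as an added example that is not part of the original messages or of SRSS: remove day-old files below /tmp, exempt the top-level SUNWut tree only when root owns it, and never cross a mount point. The function name `tidy_tmp` and its parameters are hypothetical, and a `find` that supports `-xdev` and `-path` is assumed.

```sh
#!/bin/sh
# Added example (hypothetical helper, not SRSS code).
#
# tidy_tmp ROOT [DAYS] [TRUSTED_UID]
#   ROOT         directory to clean, without a trailing slash (e.g. /tmp)
#   DAYS         delete regular files older than DAYS full days (default 0,
#                i.e. anything at least 24 hours old)
#   TRUSTED_UID  numeric owner whose top-level SUNWut tree is left alone
#                (default 0, root)
#
# Safeguards, following the thread:
#   -xdev   stay on ROOT's filesystem, so a mounted USB mass-storage
#           device is never entered and nothing on it is removed.
#   -prune  skip ROOT/SUNWut only if it is a directory owned by
#           TRUSTED_UID. A directory called SUNWut created by an
#           ordinary user, at the top level or deeper, is not exempt.
#   -type f only regular files are removed; device nodes, sockets and
#           directories are left in place.
tidy_tmp() {
    root=$1
    days=${2:-0}
    trusted=${3:-0}

    # Refuse to run on something that is not a directory.
    [ -d "$root" ] || return 1

    # Print each file as it is removed so the run can be logged.
    find "$root" -xdev \
        \( -path "$root/SUNWut" -type d -user "$trusted" -prune \) -o \
        \( -type f -mtime +"$days" -print -exec rm -f {} \; \)
}

# Typical cron usage, as an illustration:
#   tidy_tmp /tmp 0 0 >>/var/adm/tidy_tmp.log 2>&1
```

The ownership test is what defeats the look-alike directory: only the owner named by `TRUSTED_UID` can create the exempt tree, so a user's own `SUNWut` is cleaned like any other directory.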
