Alan Coopersmith wrote:
ody wrote:
I remedied this by creating a symlink from /tmp/SUNWut/dev ->
/var/tmp/dev. Also talking to our Admin about the how much security
nosuid actually provides /tmp.
What about changing nosuid to nosetuid on /tmp so you still block
setuid-apps, but not devices?
I think sound will still be a problem. utaudio is setuid because it has
to create device nodes. I'm not sure how many other processes may be
affected - all of the other system daemons run as root, so impact may be
limited to sound.
This isn't changing any time soon.
-Bob
_______________________________________________
SunRay-Users mailing list
[email protected]
http://www.filibeto.org/mailman/listinfo/sunray-users
