Hell Ove, 2008/4/30 Ove Kaaven <[EMAIL PROTECTED]>: > Maarten Lankhorst skrev: > > > > The latter won't work, they could create the directory and then delete > > it after wineserver started. I don't think it is really a problem, by > > the time someone else can put that directory in /tmp chances are that > > they can do a lot more malicious things then just making Wine refuse > > to run. > > > > Like what? The UNIX user/permission system, including the sticky bit used > on /tmp, is supposed to protect local users against each other, but this is > contingent on files created in /tmp using unique names (like what mktemp > generates). There's very little else malicious people can do if the system > is otherwise properly set up in a secure fashion, and this socket-in-/tmp > thing sounds like a quite legitimate concern. Wine checks ownership of the socket and directory, so race conditions aren't really a problem. This means that despite being put in a public directory there is no chance of a race condition. I don't see a security risk here, if someone is evil they could create that directory so wine wouldn't run, but that harm is only restricted to 'wine does not start'.
Cheers, Maarten.
