On Mon, May 05, 2008 at 08:47:52AM +0200, Francois Gouget wrote: > On Wed, 30 Apr 2008, Steven Elliott wrote: > > > I have some concerns about the location of the socket file that > > wineserver uses. Since by default the current location is in /tmp my > > concern is that anyone can stop anyone else from using wine just by > > creating a directory named /tmp/.wine-500. > [...] > > In /tmp I see the following: > > .X0-lock > .X11-unix/ > fgouget/ > gconfd-fgouget/ > vmware-fgouget/ > xmms_fgouget.0 > > So it seems like if there is a malicious user Wine will not be the only > application that will be affected. So the question is: are all these > apps susceptible to DoS or do they avoid DoS somehow? And if they > prevent DoS, how and is that technique applicable to Wine?
For gconfd-* gconfd2 creates secondary directories if one is present (and checks if its there). .X11-unix/ is on suse created during install at least, so no problem. No idea about the others. Ciao, Marcus
