Permissions on key directories/files.
George
jirka at 5z.com
Sat Mar 20 03:02:55 EET 2004
On Tue, Mar 16, 2004 at 05:20:36PM +0100, Egbert Eich wrote:
>
> If the sticky bit is not set or the ownership of this directory
> is not root we risk a man-in-the-middle attack. Even if the sticky bit
> is set the owner of the directory is able to do the attack.
> Therefore the function that attempts to create these directories
> (if they don't exist) should fail hard and print a meaningful
> error message.
> It should be the responsibility of the install procedure and/or
> the OS vendor to make sure that these directories exist and have the
> correct ownership and permissions.
> Letting x,g,kdm or whatever create these directories is just a
> convenience fix for people who have a habit to delete those directories.
Some cleanup tasks might whack those directories. I think it's robustness
issue. Yes it should be handled by the install, but better handle this at
multiple places to truly ENSURE that it's ok. gdm currently does the
/tmp/.ICE-unix dance but not the /tmp/.X11-unix dance, it should perhaps do
that as well, though I was always sort of expecting the X server to run as
root and set this up, but I suppose that's not a correct assumption. Plus we
should never expect that things will be just set up properly. For example a
hard drive failure or some crazy setup might whack the initial /tmp settings,
we shouldn't fail to be secure in those instances.
George
--
George <jirka at 5z.com>
When the rich make war it's the poor that die.
-- Jean-Paul Sartre
More information about the xdg
mailing list