The following message was part of a discussion on the Linux security
audit mailing list. It looks like Debian "hamm" (up-to-date package
versions) took the approach of sticky bit, but Alan is right (of
course) - someone can still "block" /tmp/.X11-unix/X0 from being used.
Cheers,
--Amos
--Amos Shapira | "Of course Australia was marked for
133 Shlomo Ben-Yosef st. | glory, for its people had been chosen
Jerusalem 93 805 | by the finest judges in England."
ISRAEL [EMAIL PROTECTED] | -- Anonymous
------- Forwarded Message
Message-Id: <[EMAIL PROTECTED]>
From: [EMAIL PROTECTED] (Alan Cox)
Subject: Re: Minor XF86 DoS
To: [EMAIL PROTECTED] (Mark Wooding)
Date: Wed, 24 Jun 1998 12:24:44 +0100 (BST)
Cc: [EMAIL PROTECTED], [EMAIL PROTECTED],
[EMAIL PROTECTED]
In-Reply-To: <[EMAIL PROTECTED]> from "Mark Wooding" at Jun 24, 98 10:54:03 am
Content-Type: text
> terribly wonderful idea. Not all X servers are run as root. For
> example, Xvnc, the VNC server (see http://www.orl.co.uk/vnc/) contains
> an X server the frame buffer of which it makes available via the VNC
> protocol to the user's client software. Making the socket directory
> read-only except by root would prevent users from running VNC servers.
> Sticky bits sound like a more sensible solution to this problem than
> read-only-ness.
Sticky bit leaves DoS attacks (think "mkdir /tmp/.X11-unix/X0"). There
is probably a case for group xserver. Do we have any Xfree people here?
------- End of Forwarded Message
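
A check an administrator could run for the condition Alan Cox describes, as an added example that is not part of the original messages: it inspects the socket directory's owner and mode and reports any display name (X0, X1, ...) occupied by something other than a socket. The function name `audit_x11_socket_dir`, the `trusted_uid` parameter and the finding codes are assumptions made for this example.

```python
import os
import re
import stat

DISPLAY_RE = re.compile(r"^X\d+$")  # display socket names: X0, X1, ...

def audit_x11_socket_dir(path="/tmp/.X11-unix", trusted_uid=0):
    """Return (code, detail) findings for an X11 socket directory.

    Hypothetical helper written for this example; the codes are made up here.
    """
    findings = []
    try:
        d = os.lstat(path)  # lstat: do not follow a symlink planted at path
    except FileNotFoundError:
        return [("missing", path)]
    if not stat.S_ISDIR(d.st_mode):
        return [("not-a-directory", path)]
    if d.st_uid != trusted_uid:
        findings.append(("untrusted-owner", str(d.st_uid)))
    if d.st_mode & stat.S_IWOTH:
        if not d.st_mode & stat.S_ISVTX:
            # Without the sticky bit any user can unlink or rename live sockets.
            findings.append(("world-writable-no-sticky", path))
        else:
            # Sticky bit protects existing entries, but any user can still
            # create an entry at a display name no server has claimed yet.
            findings.append(("display-names-squattable", path))
    for name in sorted(os.listdir(path)):
        if not DISPLAY_RE.match(name):
            continue
        e = os.lstat(os.path.join(path, name))
        if not stat.S_ISSOCK(e.st_mode):
            # e.g. a directory named X0: the server cannot bind its socket.
            findings.append(("display-blocked", name))
    return findings

if __name__ == "__main__":
    for code, detail in audit_x11_socket_dir():
        print(f"{code}: {detail}")
```

A `display-blocked` finding means a server for that display cannot start until the entry is removed; `display-names-squattable` is the residual exposure of the sticky-bit approach discussed in the thread.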