On Mon, 3 Aug 1998, Christian Hamacher wrote:
> I have set up diald and dctrl alright, everything is working great --
> as long as I log in as root. If I'm a regular user, dctrl complains
> about lacking privileges to access the control fifo.
>
> What is, in the experience of the experienced, the suggested way of
> solving this problem? Changeing perm's on the fifo? How do I make the
> changes stick the next time the fifo is created? Something with sudo?
> Some suid root wrappe script?
The issue is that whoever can write to the control FIFO can cause diald to
write to any accessible pathname on the system. Imagine the fun if some
prankster could, say, "echo monitor /etc/passwd >/var/run/diald.fifo" and
have it work - and that's just obvious vandalism. :-( The short form is
that the control FIFO is a sensitive control point and access SHOULD be
restricted to root/admin accounts. If you're sure no one will ever abuse
it then go ahead an make it world writable, but I would never do that on a
system that was running diald and hence connecting to the net. Very long
odds, but...
-
To unsubscribe from this list: send the line "unsubscribe linux-diald" in
the body of a message to [EMAIL PROTECTED]
