noexec on /dev/shm

Adam Jackson ajax at redhat.com
Fri Jan 7 19:01:00 UTC 2011


On Fri, 2011-01-07 at 11:46 +0000, Richard W.M. Jones wrote:
> On Tue, Jan 04, 2011 at 05:42:12PM -0800, Garrett Holmstrom wrote:
> > On Tue, Jan 4, 2011 at 4:31 PM, Bernie Innocenti <bernie at codewiz.org> wrote:
> > > What sort of attack would this enable?
> > >
> > > Wait... any unprivileged process can create sockets in the abstract
> > > namespace? Uh-oh.
> > 
> > Any unprivileged process can prevent you from running X on a given
> > display by using up the socket name that X wants to use.  This is a
> > textbook DOS scenario.
> 
> If we have private /tmp this problem would go away.

If we had private /tmp this would not go away, because the user starting
the X server is not always the user whose session it belongs to.
Putting the socket in gdm's /tmp means it won't be someplace where
rjones can get to it.

Also because multiple users on the same display is a completely valid
use case that people actually do.

- ajax
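
For anyone auditing a host for the socket-name squatting discussed in this thread, the following added example (not part of any message above) parses `/proc/net/unix` text, lists listening X11 sockets per display, and separates abstract-namespace names (shown with a leading `@`) from filesystem ones. The sample input is constructed, and the `/tmp/.X11-unix/X<n>` naming is the conventional X socket name, assumed here rather than stated in the thread.

```python
import glob
import os
import re

# Constructed sample in /proc/net/unix format (not captured from a real host).
SAMPLE = """\
Num       RefCount Protocol Flags    Type St Inode Path
0000000000000000: 00000002 00000000 00010000 0001 01 18211 @/tmp/.X11-unix/X0
0000000000000000: 00000002 00000000 00010000 0001 01 18212 /tmp/.X11-unix/X0
0000000000000000: 00000003 00000000 00000000 0001 03 18390 @/tmp/.X11-unix/X0
0000000000000000: 00000002 00000000 00010000 0001 01 40977 @/tmp/.X11-unix/X1
0000000000000000: 00000002 00000000 00010000 0001 01 20111 @/tmp/dbus-Zq3kLm
0000000000000000: 00000002 00000000 00000000 0002 01 9001
"""

SO_ACCEPTCON = 0x10000  # kernel flag shown for sockets in listen()
X11_NAME = re.compile(r"^(@?)/tmp/\.X11-unix/X(\d+)$")


def x11_listeners(text):
    """Map display number -> {'abstract': [inodes], 'filesystem': [inodes]}."""
    found = {}
    for line in text.splitlines()[1:]:          # skip header row
        fields = line.split(None, 7)
        if len(fields) < 8:                     # unnamed socket, no Path column
            continue
        flags, inode = int(fields[3], 16), int(fields[6])
        match = X11_NAME.match(fields[7])
        if not match or not flags & SO_ACCEPTCON:
            continue                            # not X11, or a connected peer
        kind = "abstract" if match.group(1) else "filesystem"
        entry = found.setdefault(int(match.group(2)),
                                 {"abstract": [], "filesystem": []})
        entry[kind].append(inode)
    return found


def owner_pids(inode):
    """PIDs holding the socket inode; needs root to see other users' fds."""
    target, pids = f"socket:[{inode}]", set()
    for fd in glob.glob("/proc/[0-9]*/fd/*"):
        try:
            if os.readlink(fd) == target:
                pids.add(int(fd.split("/")[2]))
        except OSError:                         # process exited or no permission
            continue
    return sorted(pids)


if __name__ == "__main__":
    for display, socks in sorted(x11_listeners(SAMPLE).items()):
        print(f":{display}", socks)
```

On a live system, pass the contents of `/proc/net/unix` to `x11_listeners` and feed each reported inode to `owner_pids` to see which process actually holds a display's abstract name.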


