Sounds good to me.
On Mon, Nov 7, 2011 at 12:50 PM, Daniel J Walsh <dwalsh(a)redhat.com> wrote:
It seems to be a weekly occurrence of a new CVE for some app that uses
/tmp insecurely.

I have been on a crusade for years to stop privileged services from
using /tmp and /var/tmp. These services can potentially be
interfered with by unprivileged users, potentially leading to process
escalation. The only server applications that need to use /tmp
should be for communicating with users. For example the X server, and
potentially apps that use Kerberos, for example sssd and nfs.gssd.
(Although maybe at some point we need to fix this.) Most apps that
rely on using /tmp to communicate with the user can be easily broken
by users having individual /tmp using pam_namespace.

systemd as of Fedora 16 has the ability to run system services with
private /tmp and /var/tmp. I would like to propose that we make this
the default in Fedora 17, or at least open a bugzilla on all system
services that we know of that use /tmp and /var/tmp to make them use
private /tmp and /var/tmp.
--
Kurt Seifried
kurt(a)seifried.org
skype: (206) 905-9462
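
Added example, not part of the original thread and not code from systemd or Fedora: one way to do the audit the proposal implies, listing service units whose [Service] section does not enable PrivateTmp=. The function names and the demo-*.service files are constructed for illustration, and the script assumes it is enough to read the unit file itself (drop-in overrides are not consulted).

```shell
#!/bin/sh
# Print the PrivateTmp= value set in one unit file, as "yes" or "no".
# Only the [Service] section is read; the last assignment wins, as in systemd.
private_tmp_setting() {
    awk '
        /^[[:space:]]*[#;]/ { next }    # skip comment lines
        /^[[:space:]]*\[/   { in_service = ($0 ~ /^[[:space:]]*\[Service\][[:space:]]*$/); next }
        in_service && /^[[:space:]]*PrivateTmp[[:space:]]*=/ {
            value = $0
            sub(/^[^=]*=[[:space:]]*/, "", value)
            sub(/[[:space:]]+$/, "", value)
            value = tolower(value)
            state = (value == "yes" || value == "true" || value == "on" || value == "1") ? "yes" : "no"
        }
        END { print (state == "" ? "no" : state) }
    ' "$1"
}

# Print the basename of every *.service file in directory $1 without PrivateTmp.
units_without_private_tmp() {
    for unit in "$1"/*.service; do
        [ -f "$unit" ] || continue
        [ "$(private_tmp_setting "$unit")" = "yes" ] || basename "$unit"
    done
}

# Constructed sample units (hypothetical services, not from any real package).
make_sample_units() {
    dir=$(mktemp -d) || return 1
    printf '[Unit]\nDescription=demo\n\n[Service]\nExecStart=/usr/bin/demo-a\nPrivateTmp=true\n' > "$dir/demo-a.service"
    printf '[Service]\nExecStart=/usr/bin/demo-b\n' > "$dir/demo-b.service"
    printf '[Service]\nExecStart=/usr/bin/demo-c\nPrivateTmp=yes\nPrivateTmp=no\n' > "$dir/demo-c.service"
    printf '[Service]\nExecStart=/usr/bin/demo-d\n# PrivateTmp=true\n' > "$dir/demo-d.service"
    echo "$dir"
}

# Demo run: demo-b (unset), demo-c (overridden to no) and demo-d (commented out) are listed.
sample=$(make_sample_units)
units_without_private_tmp "$sample"
rm -rf "$sample"
```

On a live system, `systemctl show -p PrivateTmp <unit>` reports the effective value, including any drop-in overrides.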