|
|
|
|
|
|
|
|
|
|
|
|
| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |
Date: Mon, 28 Aug 1995 10:45:06 GMT From: Andries.Brouwer@cwi.nl To: linux-security@tarsier.cv.nrao.edu, tom@pandemonium.saar.de : After installing selection (1.7) on a new system i noticed a problem with the : way selection handels it's selection.pid file. : Because the default is to install it suid-root and the default pid file : rests in /tmp any user can create or destroy any file on the disk : (like selection -k; cd /tmp; ln -s /etc/nologin selection.pid; selection). Yes. But nobody who is security conscious should install it suid root. It does not need any privileges, except possibly for killing earlier invocations, left by another user. Thus, any uid will do.
|
|
|
|
|
|
|
|
|
|
|
|
| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |