[5355] in bugtraq
Re: Solaris 2.6 and sockets
daemon@ATHENA.MIT.EDU (Thamer Al-Herbish)
Sun Oct 5 11:54:31 1997
Date: Sun, 5 Oct 1997 11:43:56 +0000
Reply-To: shadows@whitefang.com
From: Thamer Al-Herbish <shadows@WHITEFANG.COM>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <3.0.3.32.19971003215527.00697df8@tryc.on.ca>
On Fri, 3 Oct 1997, Wojciech Tryc wrote:
> I have noticed strange things happening under Solaris 2.6 (final release)
> Any Unix socket created by ANY application has permissions 4777!!!!
> ie: srwxrwxrwx 1 root root 0 Oct 3 21:22 mysql.sock
> Check out your /tmp directory :)
I brought up the issue on bugtraq a few months ago about Solaris' UNIX
domain sockets. The permissions actually have no effect (at least not on
Solaris 2.5) so EVEN if you had mode 000 on them, people would still be able
to connect and send arbitrary data. This is not the case with most BSD
variants out there.
The solution was to create it under a directory with an executable
permission only for yourself. I believe Mr. Dik had mailed me about that
after my post.
--
Thamer Al-Herbish
shadows@whitefang.com