[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] Re: cobalt-security digest (tmpwatch DoS)

Subject: Re: [cobalt-security] Re: cobalt-security digest (tmpwatch DoS)
From: Gossi The Dog <gossi@xxxxxxxxxxxxxx>
Date: Sat, 9 Sep 2000 22:13:40 +0100 (BST)

On Sat, 9 Sep 2000, H.P. Stroebel wrote:

<snip>

> i don`t know if on the raq write access to the /tmp directories is
> needed for normal users; on other boxes i have them writeable only for
> root.

This would break things that use /tmp - f.e. vi.

My 0.2p is that although any user with locale access can normally still
break a system, its still stupid behaviour on the part of this program.

Having said that, with proper use of process and resource limits it is
easily possible to stop things like fork bombs.

Rgds,
Gossi.

Follow-Ups:
- [cobalt-security] qpopper error..
  - From: Theodore Jones

References:
- [cobalt-security] Re: cobalt-security digest (tmpwatch DoS)
  - From: H.P. Stroebel

Prev by Date: [cobalt-security] Re: cobalt-security digest (tmpwatch DoS)
Next by Date: [cobalt-security] Re: Root has 10 different passwords on Qube2
Previous by thread: [cobalt-security] Re: cobalt-security digest (tmpwatch DoS)
Next by thread: [cobalt-security] qpopper error..

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index