| To: | Ken McDonell <kenj@xxxxxxxxxxxxxxxx> |
|---|---|
| Subject: | Re: secure sockets - security issue! |
| From: | fche@xxxxxxxxxx (Frank Ch. Eigler) |
| Date: | Mon, 15 Apr 2013 12:09:46 -0400 |
| Cc: | PCP Mailing List <pcp@xxxxxxxxxxx> |
| Delivered-to: | pcp@xxxxxxxxxxx |
| In-reply-to: | <516BB1A8.2020403@xxxxxxxxxxxxxxxx> (Ken McDonell's message of "Mon, 15 Apr 2013 17:52:08 +1000") |
| References: | <516BB1A8.2020403@xxxxxxxxxxxxxxxx> |
| User-agent: | Gnus/5.1008 (Gnus v5.10.8) Emacs/21.4 (gnu/linux) |
kenj wrote: > [...] > - now sudo bash ... note that for me this does not change $HOME > [...] ... unless you use sudo -i / -H. > But allowing a uid 0 process to blindly follow $HOME from the > environment and start creating files and directories seems NQR (tm). Having an fstat-owner==uid check could interfere with other valid usage models perhaps, like having special userids with dummy/shared home directories. In this case, the consequence of the initial PEBCAK (using sudo naively) was an overt error message. It doesn't sound like a big problem. - FChE |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | secure sockets - security issue!, Ken McDonell |
|---|---|
| Next by Date: | Secure sockets - sql method issue, Ken McDonell |
| Previous by Thread: | secure sockets - security issue!, Ken McDonell |
| Next by Thread: | Secure sockets - sql method issue, Ken McDonell |
| Indexes: | [Date] [Thread] [Top] [All Lists] |