Hi, i see your point and admit that this has as a consequence the change of the your program. Therefore I will try to drop the utmp privileges after creating the directory. I will send you my modifcations first then. Thanks for your advise.
Greets, Ferdinand Am Freitag 22 Mai 2009 20:37:39 schrieb Nicholas Marriott: > Actually, I'm wrong, it won't break socket recreation since the > subdirectories of /var/run/tmux and the socket themselves still have the > correct ownership. The other points are correct, however. So you could drop > the utmp privileges completely after creating the directory. > > On Fri, May 22, 2009 at 07:31:17PM +0100, Nicholas Marriott wrote: > > Hi > > > > This patch does not fix the problem - it doesn't drop the utmp privilege > > after creating the socket so a user can trivially continue to cause the > > same issue by using the save-buffer command to create a file in > > /var/run/tmux. > > > > If you do drop the privileges, it will break socket recreation with > > SIGUSR1 which will appear in 0.9 (and you may need to patch this out of > > the code or USR1 will kill the server). > > > > Of course it is completely up to you, but I recommend you don't do this, > > you are fixing a minor and easily detected denial-of-service problem by > > granting unnecessary privileges the abuse of which could potentially be > > greater. > > > > If you do want to do it this way, I suggest that rather than overloading > > the utmp group you create a new group specifically and only for tmux. > > > > Best regards > > > > Nicholas
signature.asc
Description: This is a digitally signed message part.
