Security concerns

Lluís Batlle i Rossell

Sep 3, 2011, 4:43:25 AM
to Llista de Task Spooler

Some people at Debian were arguing that there can be security problems in having
a unix socket in /tmp/socket-ts.UID. They talk about having one or other
permissions on the file.

What I did was to respect the user's 'umask', which I think should determine the
security of file or socket creation. The Debian people would prefer something
more restricted, and not in /tmp.

Nevertheless, I realised that although the socket, once created, cannot be
touched by anyone else... yes, there is a threat when a user has never run ts
before or has killed the ts daemon and does not have the socket file in /tmp.

Anyone could create the file, and ts would connect to that socket.

So, although I'd keep the behaviour for $TS_SOCKET, I am thinking of adding
file-owner checks for the default (when TS_SOCKET is not defined).

Do you think this will be enough? Or does someone understand why /tmp is a bad
place, or why ts shouldn't respect the umask?

I'd prefer to keep /tmp, as on some embedded systems /tmp lies on tmpfs and ~
in flash, so to me it looks nicer to put things in /tmp.
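
The file-owner check proposed above, sketched in C as an added example that is not part of the original message or of ts itself. The function names, the use of geteuid() and the default path in main() are assumptions.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/un.h>
#include <unistd.h>

/* 1: path is a unix socket owned by `owner`; 0: it exists but is not;
 * -1: it cannot be examined (errno set, e.g. ENOENT when no daemon ran). */
int socket_owned_by(const char *path, uid_t owner)
{
    struct stat st;
    /* lstat, not stat: a symlink planted in /tmp must not be followed. */
    if (lstat(path, &st) == -1)
        return -1;
    return S_ISSOCK(st.st_mode) && st.st_uid == owner;
}

/* Connect only when the socket file belongs to the calling user.
 * Assumption: the client is not setuid, so geteuid() is that user. */
int connect_if_owned(const char *path)
{
    struct sockaddr_un addr = { .sun_family = AF_UNIX };
    int ok = socket_owned_by(path, geteuid());
    if (ok != 1 || strlen(path) >= sizeof addr.sun_path) {
        if (ok != -1)
            errno = ok ? ENAMETOOLONG : EPERM;
        return -1;
    }
    strcpy(addr.sun_path, path);
    int fd = socket(AF_UNIX, SOCK_STREAM, 0);
    if (fd != -1 && connect(fd, (struct sockaddr *)&addr, sizeof addr) == -1) {
        close(fd);
        fd = -1;
    }
    return fd;
}

int main(int argc, char **argv)
{
    const char *path = argc > 1 ? argv[1] : "/tmp/socket-ts.1000"; /* made up */
    int fd = connect_if_owned(path);
    if (fd == -1)
        perror(path);
    else
        close(fd);
    return fd == -1;
}
```

The check depends on /tmp having the sticky bit set: once the socket file is owned by the user, other unprivileged users cannot unlink or rename it, so it cannot be swapped between lstat() and connect().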

