Date: Sun, 19 May 2013 13:36:01 +0700 From: Erich Dollansky <erichsfreebsdlist@alogt.com> To: Matthew Seaman <matthew@FreeBSD.org> Cc: Bob Eager <rde@tavi.co.uk>, sindrome <sindrome@gmail.com>, freebsd-ports@freebsd.org Subject: Re: Why does Samba requires 777 permissions on /tmp Message-ID: <20130519133601.24708ca7@X220.ovitrap.com> In-Reply-To: <51986BF6.4000705@FreeBSD.org> References: <CAFzAeSdgRotc34%2BeyfVHZBA-QGUCWJ1MZDYw1ysRxEV9MhG2BQ@mail.gmail.com> <20130519004659.3d415b88@raksha.tavi.co.uk> <CAFzAeSdoJEno2638-Lr4MMuxk9CmorPn6uCGbGs34Y1myw-W-A@mail.gmail.com> <20130519095614.4bcf7f64@X220.ovitrap.com> <51986BF6.4000705@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, On Sun, 19 May 2013 07:06:46 +0100 Matthew Seaman <matthew@FreeBSD.org> wrote: > On 19/05/2013 03:56, Erich Dollansky wrote: > > Your problem must be caused by something else. At least, I cannot > > remember to ever have seen /tmp with a different setting than 0777. > > I hope you mean 1777 (drwxrwxrwt) there. That sticky bit is I only wanted to note that it is octal. > important. Without it there are a number of nasty attack > possibilities involving things like using a race condition and > craftily modifying a sym-link to trick root into overwriting an > important file. I did not think of this at all when I have written my response. Of course, it has to be set and it is set on my machine. I was focusing only on the fact that all users of a system must be able to write to /tmp. Erich > > Cheers, > > Matthew >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20130519133601.24708ca7>