Date: Fri, 30 Jan 2004 08:36:22 GMT From: Mark <admin@asarian-host.net> To: <zzerver@hotmail.com>, <freebsd-questions@freebsd.org> Subject: Re: i found something ugly about freeBSD Message-ID: <200401300836.I0U8AM2Y009736@asarian-host.net> References: <BAY2-DAV21CCF3gl6mP0001c1c9@hotmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
----- Original Message ----- From: <zzerver@hotmail.com> To: <freebsd-questions@freebsd.org> Sent: Friday, January 30, 2004 3:01 AM Subject: i found something ugly about freeBSD > Am probably wrong i hope. Yes, you are. :) > ... but mysqld creates a file call /tmp/mysql.sock, > but this file got to be 777??? Yeah, well, that's the general idea; everybody can read/write to the mysqld server socket: from "nobody" (web server) to root. > ...i loging with a other user and call a rm /tmp/mysql.sock Set the sticky bit (+t) on /tmp/, and only the owner of the mysql socket will be able to delete it. - Mark
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200401300836.I0U8AM2Y009736>