Bugtraq mailing list archives
Re: user flags in public temp space (was Re: chflags() [heads up])
From: blymn () BAEA COM AU (Brett Lymn)
Date: Thu, 5 Aug 1999 16:56:51 +0930
According to Strange:
c) Make root automatically override user-set flags (possibly will create other complications for user-land programs relying on root passing over such files).
Ugh no - this would be a major lose as the idea of the flags was in part to make files immutable at certain security levels such that _even_root_ could not modify them. The idea being you could trojan proof your binaries by making them immutable (don't forget the directories themselves, kiddies). If you allow root to stomp an immutable file then you lose part of the value of chflags. Then again you could just rig the system to check your binaries against an md5 signature before running them which stops the trojans :-) -- =============================================================================== Brett Lymn, Computer Systems Administrator, British Aerospace Australia ===============================================================================
Current thread:
- user flags in public temp space (was Re: chflags() [heads up]) Strange (Aug 04)
- Re: user flags in public temp space (was Re: chflags() [heads up]) Brett Lymn (Aug 05)
- Re: user flags in public temp space (was Re: chflags() [heads up]) Jason Bratton (Aug 05)
- Re: user flags in public temp space (was Re: chflags() [heads up]) Theo de Raadt (Aug 05)
- Re: user flags in public temp space (was Re: chflags() [heads up]) Andrew Brown (Aug 05)
- Re: user flags in public temp space (was Re: chflags() [heads up]) Darren Reed (Aug 05)
- Re: user flags in public temp space (was Re: chflags() [heads up]) Theo de Raadt (Aug 06)
- Re: user flags in public temp space (was Re: chflags() [heads up]) Darren Reed (Aug 06)
- Re: user flags in public temp space (was Re: chflags() [heads up]) Tim Fletcher (Aug 06)
- Re: user flags in public temp space (was Re: chflags() [heads up]) Darren Reed (Aug 07)
- Re: user flags in public temp space (was Re: chflags() [heads up]) Doug Harple (Aug 09)
- Re: user flags in public temp space (was Re: chflags() [heads up]) Brett Lymn (Aug 05)
- Re: user flags in public temp space (was Re: chflags() [heads up Adam Morris (Aug 09)