>On Oct 21, 8:22pm, Joel Eriksson wrote: >} Subject: License Manager's lockfiles (Solaris 2.5.1) >} License Manager on Solaris 2.5.1 tends to make stupid lockfiles owned by >} root and mode 666 (worldwrite'able). That is not good, since anyone could >} create rootowned files which they then would be able to modify. It's an >} even bigger problem since it just takes about a minute 'til the lockfile >} is created after it's replaced with a symlink which it follows .. > >Highland has been recommending for ages that you not run the license >manager as root. If you follow their advise by running the license >manager under a dedicated non-privileged uid, you'll significantly >cut down on the potential damage. And that has been addressed in the following Sun patches: 104217-01: FLEXlm (SUNWlicsw, SUNWlit) 4.1: CERT security advisory patch 104829-01: FLEXlm 4.1: Licensing (SUNWlicsw, SUNWlit) Jumbo Patch for Solaris SPARC 104830-01: FLEXlm Licensing (SUNWlicsw, SUNWlit) Jumbo Patch for Solaris Intel
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:21:07 PDT