> * Q: [Alan Cox] should dpkg create files in a super-secure mode to > prevent install-time tampering, and some stuff about /tmp handling > that I couldn't hear > * A: couldn't hear Russ' answer either Apparently there are some potential race conditions regarding files in /tmp, I have made a change to my policy tree to address one this which I will release soon. Most of the stuff about /tmp was about how when user_t domain processes create files in /tmp they get type user_tmp_t while sysadm_t processes create files as sysadm_tmp_t. This means that users can't read files from the administrator, but as the administrator can read files from the users we will be vulnerable to symlink race conditions. In some situations it may be desirable to prevent sysadm_t from reading links that have type user_tmp_t to avoid such sym-link attacks (although stacking OpenWall would probably be a better solution). I will put my slides on http://www.coker.com.au/selinux/ols/ in the near future, however reading Crispin's notes is probably a good idea too, he noted quite a few things that aren't in my slides... -- I do not get viruses because I do not use MS software. If you use Outlook then please do not put my email address in your address-book so that WHEN you get a virus it won't use my address in the From field. _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Thu Jul 04 2002 - 14:54:08 PDT