Re: locking workaround patch
- From: Frederic Crozat <fcrozat mandrakesoft com>
- To: gconf <gconf-list gnome org>
- Subject: Re: locking workaround patch
- Date: 11 Sep 2002 16:36:22 +0200
Le mer 11/09/2002 à 16:20, Havoc Pennington a écrit :
>
> Michael Meeks <michael ximian com> writes:
> > Use the ORBit2 code for getting around this then in
> > linc/include/linc/linc-protocol.h (linc_get_tmpdir).
> >
> > The ORBit2 code scans in a race-free way for a correctly attributed
> > user-owned directory, and this is also the directory that b-a-s uses.
> > It'd be nice to unify on this, so it's localised - oh and it solves the
> > DOS problem at a stroke ;-)
>
> I looked at that code - the ORBit way doesn't fix gconf for the
> following reason. What it does is create:
>
> /tmp/orbit-username
> /tmp/orbit-username-1
> /tmp/orbit-username-2
>
> until it finds one with right perms.
>
> However, in gconf say malicious user creates /tmp/gconf-username,
> and we start using /tmp/gconf-username-1. Then malicious user deletes
> /tmp/gconf-username. Subsequent apps to start up will use
> /tmp/gconf-username instead of /tmp/gconf-username-1, and not find
> gconfd, and create duplicate gconfd. Thus effectively DOSing an
> existing session. Point is that all gconf-using apps need to find the
> same /tmp/whatever.
>
> The only way around that I see is to glob /tmp/gconf-username* and try
> to use anything found in the glob, in ascending order of the little
> number at the end - that could work. I'm not sure though.
But if you do that, you'll have problem when /tmp is not readable !!
(that is what our "paranoia" security are doing on Mdk system)..
--
Frederic Crozat
MandrakeSoft
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
