ugidfw can prevent /tmp access?

[Paul Schmehl]

If you used ugidfw to prevent temp access to only the range of uid's you 
presently have, I'm thinking this should prevent an attacker from using 
/tmp to get around permissions restrictions.  The question is, is there any 
kind of succint guide or list of what daemons need access to /tmp in order 
to function?  Or do all daemons need this?

-- 
Paul Schmehl (pauls at utdallas.edu)
Senior Information Security Analyst
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/