ugidfw can prevent /tmp access?
Paul Schmehl
pauls at utdallas.edu
Fri Dec 14 14:28:05 PST 2007
If you used ugidfw to prevent temp access to only the range of uid's you
presently have, I'm thinking this should prevent an attacker from using
/tmp to get around permissions restrictions. The question is, is there any
kind of succint guide or list of what daemons need access to /tmp in order
to function? Or do all daemons need this?
--
Paul Schmehl (pauls at utdallas.edu)
Senior Information Security Analyst
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/
More information about the freebsd-questions
mailing list