i found something ugly about freeBSD
Mark
admin at asarian-host.net
Fri Jan 30 00:36:27 PST 2004
----- Original Message -----
From: <zzerver at hotmail.com>
To: <freebsd-questions at freebsd.org>
Sent: Friday, January 30, 2004 3:01 AM
Subject: i found something ugly about freeBSD
> Am probably wrong i hope.
Yes, you are. :)
> ... but mysqld creates a file call /tmp/mysql.sock,
> but this file got to be 777???
Yeah, well, that's the general idea; everybody can read/write to the mysqld
server socket: from "nobody" (web server) to root.
> ...i loging with a other user and call a rm /tmp/mysql.sock
Set the sticky bit (+t) on /tmp/, and only the owner of the mysql socket
will be able to delete it.
- Mark
More information about the freebsd-questions
mailing list