ugidfw can prevent /tmp access?
pauls at utdallas.edu
Fri Dec 14 14:28:05 PST 2007
If you used ugidfw to prevent temp access to only the range of uid's you
presently have, I'm thinking this should prevent an attacker from using
/tmp to get around permissions restrictions. The question is, is there any
kind of succint guide or list of what daemons need access to /tmp in order
to function? Or do all daemons need this?
Paul Schmehl (pauls at utdallas.edu)
Senior Information Security Analyst
The University of Texas at Dallas
More information about the freebsd-questions