ugidfw can prevent /tmp access?

Paul Schmehl pauls at
Fri Dec 14 14:28:05 PST 2007

If you used ugidfw to prevent temp access to only the range of uid's you 
presently have, I'm thinking this should prevent an attacker from using 
/tmp to get around permissions restrictions.  The question is, is there any 
kind of succint guide or list of what daemons need access to /tmp in order 
to function?  Or do all daemons need this?

Paul Schmehl (pauls at
Senior Information Security Analyst
The University of Texas at Dallas

More information about the freebsd-questions mailing list