[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: /var/run/directory/



>a system administrator could accidentally overwrite e.g. the <pidfile> 
>section of /etc/dbus/system.conf when pasting in configuration from elsewhere.

I see what you're talking about. Why is that configurable? All other daemons I've
audited have it hardcoded either in config.h, a header, or right in the .c files.

find /usr/sbin/ -name '*' -exec strings {} \; | grep \/var\/run

In addition to selinux enhancement, I'd take the pid file configuration out of
the dbus.conf file. That flexibility just isn't needed and as mentioned, might
actually be a security risk.

-Steve Grubb


		
_______________________________
Do you Yahoo!?
Declare Yourself - Register online to vote today!
http://vote.yahoo.com


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]