Date: Fri, 14 Dec 2007 16:28:04 -0600 From: Paul Schmehl <pauls@utdallas.edu> To: FreeBSD Questions <freebsd-questions@freebsd.org> Subject: ugidfw can prevent /tmp access? Message-ID: <E165A57C3B907FAE2B95DED5@utd59514.utdallas.edu>
next in thread | raw e-mail | index | archive | help
If you used ugidfw to prevent temp access to only the range of uid's you presently have, I'm thinking this should prevent an attacker from using /tmp to get around permissions restrictions. The question is, is there any kind of succint guide or list of what daemons need access to /tmp in order to function? Or do all daemons need this? -- Paul Schmehl (pauls@utdallas.edu) Senior Information Security Analyst The University of Texas at Dallas http://www.utdallas.edu/ir/security/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E165A57C3B907FAE2B95DED5>