Date: Fri, 13 Oct 2000 01:22:16 +0900 (JST) From: Hajimu UMEMOTO <ume@mahoroba.org> To: rwatson@FreeBSD.org Cc: freebsd-mobile@FreeBSD.org Subject: Re: pccardd UNP socket Message-ID: <20001013.012216.59535885.ume@mahoroba.org> In-Reply-To: <Pine.NEB.3.96L.1001011225019.44391G-100000@fledge.watson.org> References: <Pine.NEB.3.96L.1001011225019.44391G-100000@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
>>>>> On Wed, 11 Oct 2000 22:54:37 -0400 (EDT) >>>>> Robert Watson <rwatson@FreeBSD.org> said: rwatson> I've noticed that pccardd creates and uses a UNIX domain socket named rwatson> /var/tmp/.pccardd. While bind() does use NOFOLLOW in it's namei call, it rwatson> would probably be better to keep the socket in a well-known place, such as rwatson> /var/run, where other privileged daemons keep IPC sockets for their rwatson> control programs. I imagine this is straight forward to do (looks like rwatson> you just change the name in /usr/src/usr.bin/pccard/pccardd, and rwatson> presumably pccardc?). Shared temporary directories are the source of many rwatson> security problems, and reducing system dependence on them makes it easier rwatson> for sites to stop using them. With the advent of mandatory access control rwatson> policies due to TrustedBSD, it's conceivable that there might be (fear) rwatson> demand for multi-instantiated directories, in which case using /tmp, rwatson> /var/tmp, et al, for IPC will not work. Yes. While merging this feature from PAO3, I wondered it. This IPC socket is used to communicate pccardd with some PAO3 applications such as gxcardmon. pccardc is not related. I think /var/run is good place. Existing PAO3 applications suppose the location. So, I didn't change it. -- Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan ume@mahoroba.org ume@bisd.hitachi.co.jp ume@FreeBSD.org http://www.imasy.org/~ume/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-mobile" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001013.012216.59535885.ume>