[Mono-bugs] [Bug 77340][Maj] Changed - Local user can overwrite
arbitrary file using mono-service
bugzilla-daemon at bugzilla.ximian.com
bugzilla-daemon at bugzilla.ximian.com
Mon Feb 13 07:11:05 EST 2006
Please do not reply to this email- if you want to comment on the bug, go to the
URL shown below and enter your comments there.
Changed by pawel.sakowski at mind-breeze.com.
http://bugzilla.ximian.com/show_bug.cgi?id=77340
--- shadow/77340 2006-01-24 08:01:03.000000000 -0500
+++ shadow/77340.tmp.27418 2006-02-13 07:11:05.000000000 -0500
@@ -40,6 +40,11 @@
How often does this happen?
Always. The pid in /etc/shadow obviously varies.
Additional Information:
Both FHS 2.3 section 5.13 and LSB 3.1 Core section 20.8 specify the
non-world-writable /var/run/basename.pid as the standard pid file location.
+
+------- Additional Comments From pawel.sakowski at mind-breeze.com 2006-02-13 07:11 -------
+Created an attachment (id=16482)
+A proposed minimalist solution (using /var/run instead of /tmp, no improvement in lockfile creation style)
+
More information about the mono-bugs
mailing list