pid file issues
Yotam Rubin
yotam at makif.omer.k12.il
Tue Mar 19 20:52:13 EST 2002
On Tue, Mar 19, 2002 at 12:48:52PM -0500, Carter Bullard wrote:
[...]
>
> If we allow argus to specify the pid file directory,
> we can prevent bad pid filename choices, if we support
> pid filenames, then we can't prevent anything, which is
> ok at one level, and somewhat irresponsible on the other?

The situation still remains, if a malicious user has sufficient access[1]
to create an arbitrary PID file, why would he need argus to create the pid
file for him? I mean, why can't he simply "echo somepid > /var/run/identd.run"?
argus should run under the assumption that it trusts its users. This sort
of attack can only be carried out by a user with relevant access.

I will not reiterate my claims further, because I believe I've made myself
pretty clear.

Regards, Yotam Rubin

[1] Of course, argus can be setuid root, but then the admin has an entirely
different set of problems.

>
> Suggestions?
>
>
> Carter
>
> Carter Bullard
> QoSient, LLC
> 300 E. 56th Street, Suite 18K
> New York, New York 10022
>
> carter at qosient.com
> Phone +1 212 588-9133
> Fax +1 212 588-9134
> http://qosient.com
>
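
Added example (not part of the original message and not argus code): a sketch in C of the option quoted above, where the daemon fixes the pid file directory and accepts only a bare file name, creating the file exclusively so an existing file such as another daemon's pid file is never overwritten. The function names, the 64-character name limit and the 0644 mode are assumptions.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Accept only a bare file name: non-empty, bounded, no '/', not "." or "..". */
static int pid_name_ok(const char *name)
{
    size_t n = strlen(name);
    if (n == 0 || n > 64)          /* 64 is an assumed limit */
        return 0;
    if (strcmp(name, ".") == 0 || strcmp(name, "..") == 0)
        return 0;
    return strchr(name, '/') == NULL;
}

/* Create <dir>/<name> and write our pid into it.
 * Returns 0 on success, -1 with errno set on failure. */
int write_pid_file(const char *dir, const char *name)
{
    char path[4096], buf[32];
    int fd, n;
    if (!pid_name_ok(name)) { errno = EINVAL; return -1; }
    n = snprintf(path, sizeof path, "%s/%s", dir, name);
    if (n < 0 || n >= (int)sizeof path) { errno = ENAMETOOLONG; return -1; }

    /* O_CREAT|O_EXCL fails with EEXIST if anything already has this name,
     * including a symlink, so an existing file is never truncated. */
    fd = open(path, O_WRONLY | O_CREAT | O_EXCL, 0644);
    if (fd < 0)
        return -1;
    n = snprintf(buf, sizeof buf, "%ld\n", (long)getpid());
    if (write(fd, buf, (size_t)n) != (ssize_t)n) {
        int saved = errno;
        close(fd); unlink(path);
        errno = saved;
        return -1;
    }
    return close(fd);
}

int main(int argc, char **argv)
{
    if (argc != 3) { fprintf(stderr, "usage: %s <piddir> <name>\n", argv[0]); return 2; }
    if (write_pid_file(argv[1], argv[2]) != 0) { perror("write_pid_file"); return 1; }
    return 0;
}
```

The directory itself still has to be writable only by the account the daemon runs as; the name check does nothing for a directory other users can write to.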