Re: [suse-security] temporary files created by crontab -e
"Petri Sirkkala."
> On Thu, 4 May 2000, Roland Hilkenbach wrote:
> > behavior can easily be used to do a DoS since the /tmp directory has the sticky-Bit set.
>
> What? No sticky bits are set at my installation. That would be a major mistake allowing others to make files belonging to root:root.

The permissions for /tmp should look like this:

drwxrwxrwt  23 root     root         5120 May  4 06:50 /tmp
         ^
The 't' indicates that the sticky bit is set. In directories with the sticky bit set files can only be renamed or removed by their owner or by the owner of the directory (see `man 2 stat'). This bit *should* be set for world writable directories like /tmp. You have a security problem when it isn't, because then everybody could rename or unlink other users' files in /tmp.

> Just think what these files could do, if made setuid too? You should double-check your system, if someone has somehow made your tmp setgid- or setuid something.

AFAIR the setuid bit for directories doesn't have any effect on Linux systems. However, it is correct that neither the setuid nor the setgid bit should be set for /tmp, but that's something completely different than the sticky bit.

Eilert
-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Eilert Brinkmann -- Universitaet Bremen -- FB 3, Informatik
eilert@informatik.uni-bremen.de - eilert@tzi.org - eilert@linuxfreak.com
http://www.informatik.uni-bremen.de/~eilert/
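
An added example, not part of the original message: a POSIX shell check for the conditions discussed in the reply above, namely a world-writable directory that lacks the sticky bit or carries the setuid or setgid bit. The names has_bits and check_tmpdir are hypothetical helpers chosen for this example.

```sh
#!/bin/sh
# Added example (not from the original thread). has_bits and check_tmpdir
# are hypothetical helper names. Only POSIX find(1) permission tests are used.

# has_bits DIR MODE: succeed if DIR itself has every bit of octal MODE set.
# -H follows a symlink given on the command line; -prune stops any descent.
has_bits() {
    [ -n "$(find -H "$1" -prune -type d -perm "-$2" 2>/dev/null)" ]
}

# check_tmpdir DIR: print findings for DIR.
# Returns 0 = nothing found, 1 = at least one finding, 2 = not a directory.
check_tmpdir() {
    dir=$1
    rc=0
    if [ ! -d "$dir" ]; then
        echo "$dir: not a directory"
        return 2
    fi
    # World-writable without the sticky bit: any user can rename or
    # unlink other users' files in this directory.
    if has_bits "$dir" 0002 && ! has_bits "$dir" 1000; then
        echo "$dir: world-writable without sticky bit (expected mode 1777)"
        rc=1
    fi
    # Neither setuid nor setgid should be set on a shared temp directory.
    if has_bits "$dir" 4000; then
        echo "$dir: setuid bit set on directory"
        rc=1
    fi
    if has_bits "$dir" 2000; then
        echo "$dir: setgid bit set on directory"
        rc=1
    fi
    return $rc
}

# Audit each directory named on the command line, e.g. /tmp /var/tmp.
for d in "$@"; do
    check_tmpdir "$d" || true
done
```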