j debert wrote:
On 06/17/2012 04:21 AM, Robert Schweikert wrote:
On 06/16/2012 10:11 PM, j debert wrote:
What justifies putting a hidden directory with files in /dev? Google for "/dev/.sysconfig" and it provides a link to the openSUSE forums.
http://forums.opensuse.org/english/get-technical-help-here/applications/4555...
If there's a good reason it's opaque. It appears to be no more than mere convenience.
This breaks the standard security model and invites others to do the same.
/dev has long been a favored hiding place for evil files. There should be no files there. It is not a false positive when security scanners like rkhunter, chkrootkit, etc., find files in /dev.
jd
Well, I can see this getting worse. Where do they put the user R/W RAM disk for semaphores, shared memory and such? /dev/shm. so where do I go to create a tmp file in memory? /dev/shm/tmp -- which my script creates with the sticky bit on if it doesn't already exist. I've seen other recommendations to put user shared facilities in /dev/...so I can see the potential for alot more files of all types, hidden included (obviously very small, as they consume memory). -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org