trev.saund...@gmail.com, le Tue 27 Apr 2010 14:30:39 -0400, a écrit : > THere is a rather large local security problem with your use of unix sockets. > It is very easy for a local hostile user to cause a denial of service, > because you put the unix sockets in a world readable place with *very* > predictable names. They are so predictable because a the only thing that the > attacker has to gues is the UID of the user, and because UID's for standard > users start at 1000, and are assigned in order, the attacker would only have > to create say 100 files, wich with a simple shell script is trivial.
That's actually not really new, compared to the previous TCP/IP approach. The place (or port number) has to be well-known for applications to be able to connect to it anyway, so any security layer needs to be added after connection. Samuel _______________________________________________ gnome-accessibility-list mailing list gnome-accessibility-list@gnome.org http://mail.gnome.org/mailman/listinfo/gnome-accessibility-list
