public inbox for gentoo-dev@lists.gentoo.org
* [gentoo-dev] /var/tmp world rwx?
@ 2003-01-03 22:42 Kevin N. Carpenter
  2003-01-03 22:50 ` Paul de Vrieze
  2003-01-04  9:23 ` Sven Vermeulen
  0 siblings, 2 replies; 4+ messages in thread
From: Kevin N. Carpenter @ 2003-01-03 22:42 UTC (permalink / raw
  To: gentoo-dev

I've been playing around with using tmpfs for /tmp and had it mounted 
with my standard "noexec,nodev,nosuid" anti-hack security options.  This 
works fine for VI or other normal tools.

I wanted Portage to use it as well, so I symbolically linked /var/tmp to /tmp.

That broke emerge.  The "noexec" option prevents any builds from 
working.  That made me check one of my unmodified gentoo systems where I 
spotted that /var/tmp was world read/execute.  That's a security problem.

Any reason that /var/tmp can't be root read/execute only?

Kevin C.


--
gentoo-dev@gentoo.org mailing list



* Re: [gentoo-dev] /var/tmp world rwx?
  2003-01-03 22:42 [gentoo-dev] /var/tmp world rwx? Kevin N. Carpenter
@ 2003-01-03 22:50 ` Paul de Vrieze
  2003-01-03 23:04   ` Kevin N. Carpenter
  2003-01-04  9:23 ` Sven Vermeulen
  1 sibling, 1 reply; 4+ messages in thread
From: Paul de Vrieze @ 2003-01-03 22:50 UTC (permalink / raw
  To: gentoo-dev


On Friday 03 January 2003 23:42, Kevin N. Carpenter wrote:
> I've been playing around with using tmpfs for /tmp and had it mounted
> with my standard "noexec,nodev,nosuid" anti-hack security options.  This
> works fine for VI or other normal tools.
>
> I wanted Portage to use it as well, to symbolically linked /var/tmp to
> /tmp.
>
> That broke emerge.  The "noexec" option prevents any builds from
> working.  That made me check one of my unmodified gentoo systems where I
> spotted that /var/tmp was world read/execute.  That's a security problem.
>
> Any reason that /var/tmp can't be root read/execute only?
>
> Kevin C.
>

It's a standard temporary directory so yes. It should be open for the public. 
This doesn't hold for /var/tmp/portage though. You also might want to use an 
extra tmpfs or a bind mount or a change in make.conf as emerge has some 
issues with symlinked paths.

Paul

-- 
Paul de Vrieze
Junior Researcher
Mail: pauldv@cs.kun.nl
Homepage: http://www.devrieze.net



* Re: [gentoo-dev] /var/tmp world rwx?
  2003-01-03 22:50 ` Paul de Vrieze
@ 2003-01-03 23:04   ` Kevin N. Carpenter
  0 siblings, 0 replies; 4+ messages in thread
From: Kevin N. Carpenter @ 2003-01-03 23:04 UTC (permalink / raw
  To: Paul de Vrieze; +Cc: gentoo-dev

That's cool.  Easy enough to mount both /tmp and /var/tmp as tmpfs with 
my noexec,nosuid,nodev options.

Mounting /var/tmp/portage with just "nosuid, nodev" requires the mount 
point to exist, which it won't as a freshly mounted tmpfs filesystem.  
Still, easy enough to fix in local.start.

Thanks!

Kevin C.

Paul de Vrieze wrote:

>
>It's a standard temporary directory so yes. It should be open for the public. 
>This doesn't hold for /var/tmp/portage though. You also might want to use an 
>extra tmpfs or a bind mount or a change in make.conf as emerge has some 
>issues with symlinked paths.
>
>Paul
>
>  
>


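The layout the thread settles on (tmpfs on /tmp and /var/tmp with noexec,nosuid,nodev, and a separate /var/tmp/portage mounted with only nosuid,nodev so emerge can still execute build tools) can be audited with a few lines of POSIX sh. The script below is an added example, not code from Kevin, Paul or Sven and not part of Gentoo or Portage; it assumes a /proc/mounts-style mount table (device, mount point, fstype, comma-separated options) and `ls -ld` style permission strings, and the mount table it ships with is constructed sample data, not output from a real system. Besides the mount options it also checks the other half of the discussion: a shared temp directory like /var/tmp is expected to be mode 1777, world-writable but with the sticky bit, so users can only remove their own files.

```sh
#!/bin/sh
# Added example for this thread, not code from any of the posters or from
# Gentoo: audit the temp-directory hardening discussed above.
#  (a) /tmp and /var/tmp must be mounted noexec,nosuid,nodev;
#      /var/tmp/portage, where emerge must run build tools, gets nosuid,nodev.
#  (b) a shared temp directory must be drwxrwxrwt (mode 1777).
# The mount table at the bottom is constructed sample data.

# Required options per mount point (the policy from the thread).
required_opts() {
    case "$1" in
        /var/tmp/portage) echo "nosuid nodev" ;;
        /tmp|/var/tmp)    echo "noexec nosuid nodev" ;;
        *)                echo "" ;;
    esac
}

# missing_opts MOUNTPOINT OPTS: print the required options absent from the
# comma-separated OPTS field of a /proc/mounts line (empty if none missing).
missing_opts() {
    _missing=""
    for _want in $(required_opts "$1"); do
        case ",$2," in
            *,"$_want",*) ;;
            *) _missing="$_missing $_want" ;;
        esac
    done
    echo "${_missing# }"
}

# audit_mounts: read /proc/mounts-format lines on stdin, print one
# "MOUNTPOINT: missing OPTS" line per non-compliant mount, return 1 if any.
audit_mounts() {
    _rc=0
    while read -r _dev _mp _fstype _opts _rest; do
        _m=$(missing_opts "$_mp" "$_opts")
        if [ -n "$_m" ]; then
            echo "$_mp: missing $_m"
            _rc=1
        fi
    done
    return $_rc
}

# check_tmpdir_mode DIR: succeed only if DIR is drwxrwxrwt (mode 1777), the
# standard mode for a shared temp directory; parses ls -ld for portability.
check_tmpdir_mode() {
    [ -d "$1" ] || return 2
    _perm=$(ls -ld "$1" | cut -c1-10)
    [ "$_perm" = "drwxrwxrwt" ]
}

# Constructed sample mount table: /var/tmp lacks noexec and /var/tmp/portage
# lacks nosuid, so the audit should flag exactly those two entries.
SAMPLE_MOUNTS='tmpfs /tmp tmpfs rw,nosuid,nodev,noexec 0 0
tmpfs /var/tmp tmpfs rw,nosuid,nodev 0 0
tmpfs /var/tmp/portage tmpfs rw,nodev 0 0
/dev/hda3 /home ext3 rw 0 0'

# Run against the sample with --demo; on a live system feed the real table
# instead:  audit_mounts < /proc/mounts
if [ "${1:-}" = "--demo" ]; then
    printf '%s\n' "$SAMPLE_MOUNTS" | audit_mounts
    for _d in /tmp /var/tmp; do
        if check_tmpdir_mode "$_d"; then
            echo "$_d: mode ok"
        else
            echo "$_d: mode is not 1777"
        fi
    done
fi
```

On the setup Kevin describes, the order matters: once /var/tmp is a freshly mounted tmpfs the /var/tmp/portage mount point no longer exists, so the startup script has to `mkdir` it (and set its mode) before mounting the second tmpfs; running the audit after that step is a cheap way to catch a boot where one of the mounts silently did not happen.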

* Re: [gentoo-dev] /var/tmp world rwx?
  2003-01-03 22:42 [gentoo-dev] /var/tmp world rwx? Kevin N. Carpenter
  2003-01-03 22:50 ` Paul de Vrieze
@ 2003-01-04  9:23 ` Sven Vermeulen
  1 sibling, 0 replies; 4+ messages in thread
From: Sven Vermeulen @ 2003-01-04  9:23 UTC (permalink / raw
  To: gentoo-dev


On Fri, Jan 03, 2003 at 04:42:31PM -0600, Kevin N. Carpenter wrote:
> That broke emerge.  The "noexec" option prevents any builds from 
> working.  That made me check one of my unmodified gentoo systems where I 
> spotted that /var/tmp was world read/execute.  That's a security problem.

Besides the other answers in this thread, you could use quotas so that any
user can use a maximum of 1 byte of space in /var/tmp, except for root of course.

And euh, don't use tmpfs for /var/tmp if you are not planning on having a
separate /var/tmp/portage, I know you know it, but perhaps other ppl that are
diagonally reading this thread don't :)

Wkr,
	Sven Vermeulen

-- 
	Fighting for peace is like fucking for virginity.


