Bugtraq mailing list archives
Re: License Manager's lockfiles (Solaris 2.5.1)
From: Don.Lewis () TSC TDK COM (Don Lewis)
Date: Fri, 23 Oct 1998 21:14:06 -0700
On Oct 21, 8:22pm, Joel Eriksson wrote: } Subject: License Manager's lockfiles (Solaris 2.5.1) } License Manager on Solaris 2.5.1 tends to make stupid lockfiles owned by } root and mode 666 (worldwrite'able). That is not good, since anyone could } create rootowned files which they then would be able to modify. It's an } even bigger problem since it just takes about a minute 'til the lockfile } is created after it's replaced with a symlink which it follows .. Highland has been recommending for ages that you not run the license manager as root. If you follow their advise by running the license manager under a dedicated non-privileged uid, you'll significantly cut down on the potential damage.
Current thread:
- Re: License Manager's lockfiles (Solaris 2.5.1) Don Lewis (Oct 23)
- Another nice tmp race Stefan Laudat (Oct 21)
- Re: Another nice tmp race Patrick J. Volkerding (Oct 27)
- Re: Another nice tmp race Solar Designer (Oct 27)
- Re: Another nice tmp race Glynn Clements (Oct 28)
- Re: License Manager's lockfiles (Solaris 2.5.1) Casper Dik (Oct 27)
- <Possible follow-ups>
- Re: License Manager's lockfiles (Solaris 2.5.1) Don Lewis (Oct 23)
- Another nice tmp race Stefan Laudat (Oct 21)