Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1997_4

Bugtraq archives for 4th quarter (Oct-Dec) 1997: Re: Solaris 2.6 and sockets

Re: Solaris 2.6 and sockets

Eivind Eklund (perhapsYES.NO)
Sun, 12 Oct 1997 21:04:33 +0200

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: andrew shieh: "Security flaws in Yahoo Mail"
Previous message: Marc Slemko: "_very_ poor ISN generation on Ascend MAX (fwd)"
In reply to: Theo de Raadt: "Re: Solaris 2.6 and sockets"

>
> > I have noticed strange things happening under Solaris 2.6 (final release)
> > Any Unix socket created by ANY application has permissions 4777!!!!
> > ie: srwxrwxrwx 1 root root      0 Oct   3 21:22 mysql.sock
> > Check out your /tmp directory :)
>
> I believe this affects almost everyone.  I fixed this a while back.

It does not affect FreeBSD -current and RELENG_2_2 (that is, it will
be OK in 2.2.5-RELEASE).  It is NOT fixed in FreeBSD 2.2.2.

I don't know if the FreeBSD patch was inspired by the OpenBSD patch;
the fix came along with a bunch of other changes by wollman, one of
the people doing most networking work under FreeBSD.

Eivind.

Next message: andrew shieh: "Security flaws in Yahoo Mail"
Previous message: Marc Slemko: "_very_ poor ISN generation on Ascend MAX (fwd)"
In reply to: Theo de Raadt: "Re: Solaris 2.6 and sockets"