[LEDE-DEV] /var/run world writable

Etienne Champetier champetier.etienne at gmail.com
Thu Jun 16 00:07:03 PDT 2016


Hi,

since this procd commit from 2013
https://git.lede-project.org/?p=project/procd.git;a=blob;f=early.c;h=063e1a6abcc8ecdf22b9c8c11b2e81cc2460bcea;hb=be950c5e56b86509e1e237931d0ac8203372be82

/var/run (also /var/state and /var/lock) is world writable, with no
sticky bit, which means an unprivileged process can delete root's files (or
carry out many other attacks).

Do you remember if there was a reason to make it 0777?
I think before procd this was only handled by /etc/init.d/boot and it was 0755.

On Ubuntu 15.10 it's 0755 for /var/run and 1777 for /var/state and /var/lock.
See also the FHS, which states that /run (the new /var/run) should not be world writable:
http://refspecs.linuxfoundation.org/FHS_3.0/fhs/ch03s15.html#idm236092622080

Regards
Etienne
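An added example, not code from the original message or from procd: a small POSIX shell audit that classifies a directory by the permission combination discussed above (world-writable without the sticky bit, world-writable with it, or not world-writable) and applies either of the two remediations mentioned, 0755 or 1777. The function names and the scratch directories are constructed for this illustration.

```shell
#!/bin/sh
# Classify a directory from its `ls -ld` mode string (portable across GNU
# and BSD userlands, unlike the `stat` format flags):
#   unsafe - world-writable, no sticky bit (0777): any local user may unlink
#            files that belong to root or to other users in that directory
#   sticky - world-writable with the sticky bit (1777): only a file's owner,
#            the directory owner or root may unlink it (/tmp semantics)
#   ok     - not world-writable (e.g. 0755)
dir_mode_status() {
    perms=$(ls -ld "$1" | cut -c1-10)          # e.g. "drwxrwxrwt"
    other=$(printf '%s' "$perms" | cut -c9-10) # other-write and other-exec/sticky
    case "$other" in
        w[tT]) echo sticky ;;   # 't' = sticky+exec, 'T' = sticky without exec
        w?)    echo unsafe ;;   # writable by everyone, nothing stops unlink
        *)     echo ok ;;
    esac
}

# Remediation, either of the layouts the message cites from Ubuntu:
#   private -> 0755 (what Ubuntu uses for /var/run)
#   sticky  -> 1777 (what Ubuntu uses for /var/state and /var/lock)
fix_dir_mode() {   # usage: fix_dir_mode DIR sticky|private
    case "$2" in
        sticky)  chmod 1777 "$1" ;;
        private) chmod 0755 "$1" ;;
        *) echo "usage: fix_dir_mode DIR sticky|private" >&2; return 1 ;;
    esac
}

# Demo on constructed scratch directories (not the live /var/run): show the
# 0777 layout the procd commit produced beside the two safe alternatives.
audit_demo() {
    scratch=$(mktemp -d)
    for m in 0777 1777 0755; do
        mkdir "$scratch/run_$m" && chmod "$m" "$scratch/run_$m"
        printf 'run_%s: %s\n' "$m" "$(dir_mode_status "$scratch/run_$m")"
    done
    fix_dir_mode "$scratch/run_0777" sticky
    printf 'run_0777 after fix: %s\n' "$(dir_mode_status "$scratch/run_0777")"
    rm -rf "$scratch"
}

audit_demo
```

Run it against real paths with `dir_mode_status /var/run` on a device to see which of the three states the directory is in.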


