On Tue, Jan 04, 2011 at 05:42:12PM -0800, Garrett Holmstrom wrote:
On Tue, Jan 4, 2011 at 4:31 PM, Bernie Innocenti bernie@codewiz.org wrote:
What sort of attack would this enable?
Wait... any unprivileged process can create sockets in the abstract namespace? Uh-oh.
Any unprivileged process can prevent you from running X on a given display by using up the socket name that X wants to use. This is a textbook DOS scenario.
If we have private /tmp this problem would go away.
Rich.