I have been thinking about the /var/run directory under SE Linux.
Currently in the strict policy every daemon is permitted to create files
under /var/run. The problem is that a daemon which runs as root can (if
compromised) create /var/run files with the names used by other daemons if
the daemon is not running at the time. This interferes with stopping and
starting daemons.

The solution to this is to have a directory under /var/run for each daemon and
give write access to that directory only to the daemon that uses it. For
daemons that run as non-root this also makes things easier for non-SE systems
as there is no need to create a pidfile such as /var/run/sm-client.pid and
chown it, the directory can just have the permissions needed to allow file
creation by the daemon.

Can anyone think of a reason not to do this? Or should I just start filing
bugzilla entries against all packages that have /var/run/daemon.pid files?
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
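The per-daemon directory layout described in the post, as an added example (not code from the post or from any of the packages it mentions): one function creates /var/run/NAME owned by the daemon's user so that a non-root daemon can write its own pidfile without a root-side chown, one checks that the directory is owned by that user and not writable by group or others, and one stands in for the daemon writing its pidfile. The daemon name, user and the RUN_BASE override are assumptions for illustration; on a system without SE Linux a compromised root daemon can of course still write anywhere, so the ownership check only covers the unprivileged case.

```shell
#!/bin/sh
# Added example: per-daemon run directories under /var/run.
# RUN_BASE is an assumed override so the functions can be exercised against
# a scratch directory; it defaults to the real /var/run.
RUN_BASE="${RUN_BASE:-/var/run}"

# make_daemon_rundir NAME USER [GROUP]
# Create $RUN_BASE/NAME owned by USER, mode 0755: only USER (and root) may
# create entries inside it, while anyone can still read the pidfile.
# GROUP defaults to USER's primary group.
make_daemon_rundir() {
    name=$1
    user=$2
    group=${3:-$(id -gn "$user")}
    dir="$RUN_BASE/$name"
    mkdir -p "$dir" || return 1
    chown "$user:$group" "$dir" || return 1
    chmod 0755 "$dir" || return 1
}

# check_daemon_rundir NAME USER
# Succeed only if the directory exists, is owned by USER, and has neither the
# group-write nor the other-write bit set, so no other unprivileged account
# can plant a pidfile with this daemon's name.
check_daemon_rundir() {
    name=$1
    user=$2
    dir="$RUN_BASE/$name"
    [ -d "$dir" ] || return 1
    owner=$(stat -c '%U' "$dir") || return 1
    [ "$owner" = "$user" ] || return 1
    # Symbolic mode string, e.g. drwxr-xr-x: char 6 is group write,
    # char 9 is other write.
    mode=$(stat -c '%A' "$dir") || return 1
    [ "$(printf '%s' "$mode" | cut -c6)" = "-" ] || return 1
    [ "$(printf '%s' "$mode" | cut -c9)" = "-" ] || return 1
}

# write_pidfile NAME PID
# What the daemon itself does after dropping privileges: it owns the
# directory, so creating NAME/NAME.pid needs no chown by root.
write_pidfile() {
    name=$1
    pid=$2
    printf '%s\n' "$pid" > "$RUN_BASE/$name/$name.pid"
}

# read_pidfile NAME: print the recorded pid.
read_pidfile() {
    cat "$RUN_BASE/$1/$1.pid"
}
```

Run as root with the default RUN_BASE this sets up e.g. /var/run/sm-client for the sm-client user; for a dry run, point RUN_BASE at a scratch directory and pass your own user name, since chown to your own uid needs no privilege.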