From: bugzilla-daemon-590EEB7GvNiWaY/ihj7yzEB+6BGkLq7r@public.gmane.org
To: linux-man-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
Subject: [Bug 120061] New: unix.7: Extend notes about ignored permissions for UNIX domain sockets
Date: Sun, 12 Jun 2016 10:54:14 +0000 [thread overview]
Message-ID: <bug-120061-11311@https.bugzilla.kernel.org/> (raw)
https://bugzilla.kernel.org/show_bug.cgi?id=120061
Bug ID: 120061
Summary: unix.7: Extend notes about ignored permissions for
UNIX domain sockets
Product: Documentation
Version: unspecified
Hardware: All
OS: Linux
Status: NEW
Severity: normal
Priority: P1
Component: man-pages
Assignee: documentation_man-pages-ztI5WcYan/vQLgFONoPN62D2FQJk+8+b@public.gmane.org
Reporter: carstengrohmann-Mmb7MZpHnFY@public.gmane.org
Regression: No
Hello,
the missing permissions check is tracked as CVE-1999-1402 and it looks like
that this issue is already fixed in current version of the mentioned systems.
Thereby I suggest a small update of the related statement.
Current:
Connecting to the socket object requires read/write permission. This behavior
differs from many BSD-derived systems which ignore permissions for Unix
sockets. Portable programs should not rely on this feature for security.
New:
Connecting to the socket object requires read/write permission. The access
permissions for a UNIX domain socket are ignored in Solaris 2.x and SunOS 4.x,
and other BSD-based operating systems before 4.4 (CVE-1999-1402). Portable
programs should not rely on this feature for security.
Thanks,
Carsten
--
You are receiving this mail because:
You are watching the assignee of the bug.
--
To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
next reply other threads:[~2016-06-12 10:54 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-06-12 10:54 bugzilla-daemon-590EEB7GvNiWaY/ihj7yzEB+6BGkLq7r [this message]
[not found] ` <bug-120061-11311-3bo0kxnWaOQUvHkbgXJLS5sdmw4N0Rt+2LY78lusg7I@public.gmane.org/>
2016-06-20 12:52 ` [Bug 120061] unix.7: Extend notes about ignored permissions for UNIX domain sockets bugzilla-daemon-590EEB7GvNiWaY/ihj7yzEB+6BGkLq7r
2016-06-20 13:04 ` bugzilla-daemon-590EEB7GvNiWaY/ihj7yzEB+6BGkLq7r
2016-07-05 7:50 ` bugzilla-daemon-590EEB7GvNiWaY/ihj7yzEB+6BGkLq7r
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=bug-120061-11311@https.bugzilla.kernel.org/ \
--to=bugzilla-daemon-590eeb7gvniway/ihj7yzeb+6bgklq7r@public.gmane.org \
--cc=linux-man-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.