Subject: Re: install/15461: /var/spool/lock: inconvenient permissions
From: David Laight <firstname.lastname@example.org>
Date: 02/04/2002 10:27:01
"Perry E. Metzger" wrote:
> > Why not 1777 - so that the (lock) files can only be deleted by the
> > owning user?
> To prevent DoS attacks by randoms among other things. Normal users
> should not be able to just claim locks on everything -- only
> privileged programs should be allowed to do that.
ok, maybe 1070, maybe one of the (horrid) layered directories (as needed
by one of the'secure unix' definitions. B2?) where each user sees a
different set of files in the same (apparrant) physical directory - but
maybe not, was always too hard to find out what had really happened!