You are not logged in.
- Topics: Active | Unanswered
#26 2008-03-11 01:57:20
- brebs
- Member
- Registered: 2007-04-03
- Posts: 3,066
Re: Strange messase on update
kppp is about the only program I can find, that wants to create a file in /var/lock/ as non-root.
Improve your desktop responsiveness and font rendering and ALSA sound and BusyBox init
Offline
#27 2008-03-11 03:16:07
- ralvez
- Member
- From: Canada
- Registered: 2005-12-06
- Posts: 1,515
- Website
Re: Strange messase on update
Doh, of course.... The directory permission just specifies who can write there and the "1" is who can remove the files within but says nothing about the permissions of the files created there! I think preventing other users removing your files is all that is needed to have /var/lock secure.
I'm still wondering what (non root use) program uses this folder and caused the bug report in the first place. I have never hit a problem with the permissions before...
The program that made me notice the issue was sane, but I also have there a directory created by gkrellm.
There may be other programs but unless we are running them we may never know.
I concur that it is very important that no one can remove/rename files in that directory that do not belong to him/her (that's where the "sticky bit" -- the 1 -- comes into play).
Having said all that, a 1777 is unnecessarily permissive in my opinion; so, as for myself I'll keep the permissions set at 1775, to me that's good enough ... I can "cope" with the warning from sane during upgrades 
I appreciate all the ideas/input form everyone that has written in this thread... that's one of the things I like about the Arch community!!
R.
Offline