diff options
author | anholt <anholt@FreeBSD.org> | 2005-01-12 07:18:25 +0000 |
---|---|---|
committer | anholt <anholt@FreeBSD.org> | 2005-01-12 07:18:25 +0000 |
commit | 70b72b2db5e1aab28ca6581b60e810c2c2f42490 (patch) | |
tree | f5730e7da1b1a278f2219986a5b67836156fea5d | |
parent | e91ddbde1a7a49a4d16eb6e6ea9acedcf0bc1921 (diff) | |
download | FreeBSD-src-70b72b2db5e1aab28ca6581b60e810c2c2f42490.zip FreeBSD-src-70b72b2db5e1aab28ca6581b60e810c2c2f42490.tar.gz |
Create three additional X socket directories. Using X applications when another
user owns these directories or the sticky bit is unset may open security holes,
so simply create them at startup with the correct owner/mode.
MFC after: 1 day
-rwxr-xr-x | etc/rc.d/cleartmp | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/etc/rc.d/cleartmp b/etc/rc.d/cleartmp index 7bde18b..bacc235 100755 --- a/etc/rc.d/cleartmp +++ b/etc/rc.d/cleartmp @@ -14,6 +14,7 @@ name="cleartmp" rcvar=`set_rcvar clear_tmp` start_cmd="cleartmp_start" stop_cmd=":" +x11_socket_dirs="/tmp/.X11-unix /tmp/.ICE-unix /tmp/.font-unix /tmp/.XIM-unix" cleartmp_start() { @@ -31,9 +32,9 @@ cleartmp_start() load_rc_config $name run_rc_command "$1" -# Remove X lock files, since they will prevent you from -# restarting X -# +# Remove X lock files, since they will prevent you from restarting X. rm -f /tmp/.X[0-9]-lock -rm -fr /tmp/.X11-unix -mkdir -m 1777 /tmp/.X11-unix + +# Create socket directories with correct permissions to avoid security problem. +rm -fr ${x11_socket_dirs} +mkdir -m 1777 ${x11_socket_dirs} |