More systems need O_APPEND vs. F_SETFL hardening, not just OS X. Preferably upstream. Ref: @i0n1c's SUIDGuard https://www.suidguard.com
Replying to @okkejytila
@okkejytila @i0n1c It is just wrong that a compromised syslogd-alike running as non-root may overwrite past log records despite O_APPEND
Replying to @solardiz
@solardiz @okkejytila @i0n1c O_APPEND isn't the right tool for permissions enforcement. chattr +a is for that.
Replying to @RichFelker
@solardiz @okkejytila @i0n1c An additional flag for sticky-append could be useful for cases chattr doesn't cover, of course.
@solardiz @okkejytila @i0n1c But modifying the semantics of O_APPEND for 'hardening' would be dangerous in itself (breaking contracts).
7:51 AM - 17 Aug 2015
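
The behaviour this thread argues about, as an added example that is not part of the original tweets: a check of whether the running system lets a process clear O_APPEND on an already-open descriptor with F_SETFL and then overwrite an earlier record. The function name, temporary file name and record contents are constructed for the illustration, and the test assumes a stock POSIX system without SUIDGuard-style hardening or an append-only file attribute.

```c
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Hypothetical helper (not from the thread).
 *  1: a record was overwritten through a descriptor opened with O_APPEND
 *  0: the system refused (F_SETFL failed, or the write still went to the end)
 * -1: setup error */
int append_flag_is_clearable(void)
{
    char path[] = "/tmp/oappend-demo-XXXXXX";   /* constructed file name */
    char buf[32] = {0};
    int result = -1, fd = -1, rd = -1, fl;

    int tmp = mkstemp(path);                    /* create, then reopen by name */
    if (tmp < 0) return -1;
    close(tmp);

    /* What a log writer typically holds: a write-only, append-mode descriptor. */
    fd = open(path, O_WRONLY | O_APPEND);
    if (fd < 0) goto done;
    if (write(fd, "record-1\n", 9) != 9) goto done;

    /* The step under discussion: drop O_APPEND from the open descriptor. */
    fl = fcntl(fd, F_GETFL);
    if (fl < 0 || !(fl & O_APPEND)) goto done;
    if (fcntl(fd, F_SETFL, fl & ~O_APPEND) < 0) { result = 0; goto done; }

    /* With the flag gone, the file offset is honoured again. */
    if (lseek(fd, 0, SEEK_SET) < 0) goto done;
    if (write(fd, "tampered\n", 9) != 9) goto done;

    rd = open(path, O_RDONLY);
    if (rd < 0 || read(rd, buf, sizeof buf - 1) < 9) goto done;
    result = (strncmp(buf, "tampered\n", 9) == 0) ? 1 : 0;
done:
    if (rd >= 0) close(rd);
    if (fd >= 0) close(fd);
    unlink(path);
    return result;
}

int main(void)
{
    printf("O_APPEND clearable via F_SETFL: %d\n", append_flag_is_clearable());
    return 0;
}
```

On Linux, a file marked append-only with chattr +a makes the F_SETFL call fail, so the same check returns 0 there; setting that attribute requires privileges this example does not assume.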