#56180 closed enhancement (fixed)
use subdir for trace mode socket
Reported by: | jmroot (Joshua Root) | Owned by: | jmroot (Joshua Root) |
---|---|---|---|
Priority: | Normal | Milestone: | MacPorts 2.7.0 |
Component: | base | Version: | |
Keywords: | Cc: | ||
Port: |
Description
Creating the socket in /tmp means any process can potentially open it. This is probably only a DoS vector, but still it's not hard to do better. We should put it inside a non-readable temp subdirectory so only processes that know the socket name can use it.
There's a comment in porttrace.tcl that suggests that not doing this is deliberate, but I suspect the author didn't fully understand the problem and how it's usually solved.
Change History (2)
comment:1 Changed 4 years ago by jmroot (Joshua Root)
Owner: | set to jmroot |
---|---|
Resolution: | → fixed |
Status: | new → closed |
comment:2 Changed 4 years ago by jmroot (Joshua Root)
Milestone: | → MacPorts 2.7.0 |
---|
Note: See
TracTickets for help on using
tickets.
In 3f248bd82a7e689fd80ee658f9e981ac0912b1d0/macports-base (master):