[Nix-dev] /run/lock permissions
Mathijs Kwik
mathijs at bluescreen303.nl
Sat Aug 25 11:01:49 CEST 2012
Hi all,
Currently, /run/lock (which is linked from /var/lock) has permission
700 root:root.
I'm packaging logcheck, which uses debian's liblockfile and
lockfile-progs, which use the /var/lock directory.
logcheck runs as its own user, so it currently cannot touch stuff in /var/lock.
What I propose:
A new group "lock".
/run/lock owned by root:lock, permission 1770 (sticky bit).
Programs that need locking can then join that group.
As this is somewhat security-related, I'm asking first if anyone has
any objections.
Have a nice weekend,
Mathijs
More information about the nix-dev
mailing list