wineserver socket file and DOS attacks
Francois Gouget
fgouget at free.fr
Mon May 5 01:47:52 CDT 2008
On Wed, 30 Apr 2008, Steven Elliott wrote:
> I have some concerns about the location of the socket file that
> wineserver uses. Since by default the current location is in /tmp my
> concern is that anyone can stop anyone else from using wine just by
> creating a directory named /tmp/.wine-500.
[...]
In /tmp I see the following:
.X0-lock
.X11-unix/
fgouget/
gconfd-fgouget/
vmware-fgouget/
xmms_fgouget.0
So it seems like if there is a malicious user Wine will not be the only
application that will be affected. So the question is: are all these
apps susceptible to DoS or do they avoid DoS somehow? And if they
prevent DoS, how and is that technique applicable to Wine?
--
Francois Gouget <fgouget at free.fr> http://fgouget.free.fr/
You can have my guns when you pry them from my kids cold, dead hands.
More information about the wine-devel
mailing list