Re: Serious attack vector on pkcheck ignored by Red Hat




On 02/15/2017 08:47 AM, Valeri Galtsev wrote:
> And yes, ALL user writable places (including often overlooked /dev/shm)
> are mounted with nosuid, nosgid, nodev, noexec options on servers where
> users are allowed to have shell.


How sure are you? On the system I'm looking at right now, any user can write to:

/dev/mqueue
/dev/shm
/run/user/<uid>
/run/screen/S-<user>
/var/spool/samba
/home/<user>
/tmp
/var/tmp

Notably, the "screen" and "samba" locations only appear when the respective packages are installed, so the places users can write may vary from system to system.

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
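
The check discussed in this message, as an added example that is not part of the original post or of any CentOS tooling: for each user-writable path listed above, find the mount that covers it and report which of `nosuid`, `nodev` and `noexec` are absent. The function names, the sample mount table and the user "alice" (uid 1000) are constructed for illustration; the script reads mount options only and does not test whether a path is actually writable.

```shell
#!/bin/sh
# Added example: which user-writable paths sit on mounts lacking nosuid/nodev/noexec?
REQUIRED="nosuid nodev noexec"

# Constructed sample in /proc/mounts format (device mountpoint fstype options dump pass).
SAMPLE_MOUNTS='/dev/sda1 / xfs rw,relatime 0 0
tmpfs /dev/shm tmpfs rw,nosuid,nodev,noexec 0 0
mqueue /dev/mqueue mqueue rw,relatime 0 0
tmpfs /run tmpfs rw,nosuid,nodev,mode=755 0 0
/dev/sda3 /home xfs rw,nosuid,nodev,noexec,relatime 0 0
/dev/sda2 /var xfs rw,relatime 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev,noexec 0 0'

# mount_for TABLE PATH: print "mountpoint options" for the mount that covers PATH
# (longest mount point that is PATH or a parent directory of it; later entries win ties).
mount_for() {
    printf '%s\n' "$1" | awk -v p="$2" '
        BEGIN { best = -1 }
        $2 == p || $2 == "/" || index(p, $2 "/") == 1 {
            if (length($2) >= best) { best = length($2); mp = $2; opts = $4 }
        }
        END { if (best >= 0) print mp, opts }'
}

# missing_opts TABLE PATH: print the required options absent from the covering mount.
missing_opts() {
    entry=$(mount_for "$1" "$2")
    opts=",${entry#* },"
    missing=""
    for o in $REQUIRED; do
        case "$opts" in
            *",$o,"*) ;;
            *) missing="${missing:+$missing }$o" ;;
        esac
    done
    printf '%s\n' "$missing"
}

# audit TABLE PATH...: report every path whose mount lacks a required option.
audit() {
    table=$1; shift
    for p in "$@"; do
        miss=$(missing_opts "$table" "$p")
        if [ -n "$miss" ]; then printf '%s: missing %s\n' "$p" "$miss"; fi
    done
}

# Paths from the list above, with "alice" (uid 1000) as a constructed user.
audit "$SAMPLE_MOUNTS" /dev/mqueue /dev/shm /run/user/1000 /run/screen/S-alice \
    /var/spool/samba /home/alice /tmp /var/tmp
# On a live host: audit "$(cat /proc/mounts)" /dev/shm /tmp ...
```

Paths such as `/var/tmp` and `/var/spool/samba` are usually not mount points themselves, so they inherit the options of whatever filesystem holds `/var`, which is why the lookup resolves each path to its covering mount.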


