[opensuse] Re: OpenSuSE-11.x thru 12.1: "/dev/.sysconfig"?

j debert wrote:
On 06/17/2012 04:21 AM, Robert Schweikert wrote:
On 06/16/2012 10:11 PM, j debert wrote:
What justifies putting a hidden directory with files in /dev?
Google for "/dev/.sysconfig" and it provides a link to the openSUSE
forums.

http://forums.opensuse.org/english/get-technical-help-here/applications/455588-rkhunter-false-positives.html


If there's a good reason it's opaque. It appears to be no more than
mere convenience.

This breaks the standard security model and invites others to do the
same.

/dev has long been a favored hiding place for evil files. There should
be no files there. It is not a false positive when security scanners
like rkhunter, chkrootkit, etc., find files in /dev.


jd

Well, I can see this getting worse.

Where do they put the user R/W RAM disk for semaphores, shared memory
and such?

/dev/shm.

so where do I go to create a tmp file in memory? /dev/shm/tmp -- which
my script creates with the sticky bit on if it doesn't already exist.

I've seen other recommendations to put user shared facilities in /dev/...so
I can see the potential for alot more files of all types, hidden included (obviously
very small, as they consume memory).


--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx