On Tue, 10 May 2011, helpermn wrote: > I imagine why files listed below have 666 file mode bits set: > /var/run/checkers.pid > /var/run/vrrp.pid > /var/run/keepalived.pid > /var/run/starter.pid > /var/lock/subsys/ipsec > > Files are created during startup of ipsec (pluto) and keepalived > deamons. > > I think thar leaving them world writable is security hole. For > example delete or change of its content could confuses monit > watching them running and restarting when they die.
You could get the initscripts to send signals to any PID you want, so yes, it is a nasty security issue. -- "One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie." -- The Silicon Valley Tarot Henrique Holschuh -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
