On 05/11/11 01:37, helpermn wrote:
> On Tue, 10 May 2011, Henrique de Moraes Holschuh <[email protected]> wrote:
>
>> On Tue, 10 May 2011, helpermn wrote:
>>> I imagine why files listed below have 666 file mode bits set:
>>> /var/run/checkers.pid
>>> /var/run/vrrp.pid
>>> /var/run/keepalived.pid
>>> /var/run/starter.pid
>>> /var/lock/subsys/ipsec
>>> ....
>>
>> You could get the initscripts to send signals to any PID you want, so
>> yes, it is a nasty security issue.
>>
>

It should be mandatory for initscripts to verify the pid is indeed an instance of their daemon.
...as well as correcting the world writable bit.

> So what is a solution? Could I/you/someone report this somewhere?
> Maybe Debian bugs tracker?
>
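
The two checks discussed in this thread (pidfile not writable by others, and the PID really being an instance of the daemon), as an added example that is not part of the original messages or of any Debian initscript. The function name `safe_pid_from_file` and its arguments are hypothetical, and it assumes Linux `/proc` and a `stat` that accepts `-c`.

```shell
#!/bin/sh
# Added example: validate a pidfile before an initscript signals the PID in it.
# Usage: safe_pid_from_file PIDFILE EXPECTED_EXE [OWNER_UID]
# Prints the PID and returns 0 only if every check passes.
safe_pid_from_file() {
    pidfile=$1 expected_exe=$2 owner_uid=${3:-0}

    # Refuse symlinks and anything that is not a regular file.
    if [ -L "$pidfile" ] || [ ! -f "$pidfile" ]; then
        echo "refusing $pidfile: not a regular file" >&2; return 1
    fi

    # %a = octal mode, %u = numeric owner (GNU/busybox stat syntax).
    meta=$(stat -c '%a %u' "$pidfile") || return 1
    mode=${meta% *} uid=${meta#* }
    if [ "$uid" != "$owner_uid" ]; then
        echo "refusing $pidfile: owned by uid $uid" >&2; return 1
    fi
    # Any group- or world-write bit (022) lets another user replace the PID.
    if [ $(( 0$mode & 022 )) -ne 0 ]; then
        echo "refusing $pidfile: mode $mode is group/world writable" >&2; return 1
    fi

    # The content must be a single decimal PID greater than 1.
    pid=$(head -n 1 "$pidfile" | tr -d '[:space:]')
    case $pid in
        ''|*[!0-9]*) echo "refusing $pidfile: malformed PID" >&2; return 1 ;;
    esac
    [ "$pid" -gt 1 ] || { echo "refusing PID $pid" >&2; return 1; }

    # The PID must currently be running our daemon's executable.
    # After a package upgrade the link may end in " (deleted)"; that case
    # is refused here rather than guessed at.
    actual_exe=$(readlink "/proc/$pid/exe" 2>/dev/null) || actual_exe=
    if [ "$actual_exe" != "$expected_exe" ]; then
        echo "refusing PID $pid: exe is '${actual_exe:-unknown}'" >&2; return 1
    fi
    printf '%s\n' "$pid"
}
```

An initscript would call it as `pid=$(safe_pid_from_file /var/run/keepalived.pid "$DAEMON") && kill -TERM "$pid"`, where `$DAEMON` is the script's own path to its binary.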

