Your message dated Tue, 25 Feb 2025 18:43:28 +0100
with message-id <[email protected]>
and subject line Re: pid file attack can be used to kill arbitrary processes
has caused the Debian Bug report #580183,
regarding pid file attack can be used to kill arbitrary processes
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
580183: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=580183
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: avahi-daemon
Version: 0.6.25-3
Severity: normal
Tags: security

/var/run/avahi-daemon/pid is writable by the avahi user. Suppose this
user is compromised. If the pid is overwritten with a different process
id, such as 1, /etc/init.d/avahi-daemon stop will go ahead and kill
that.

start-stop-daemon avoids this kind of security flaw by checking
/proc/pid/exe (when run with -exec), or at least the process name (when
run with -name). avahi's init script uses avahi -k, which neglects such
checking.

Besides the (admittedly unlikely since if you can shell avahi you
probably have better things to do) security hole, killing a process that
is stored in a pid file without checking that the pid file is accurate
is asking for trouble.

-- 
see shy jo



--- End Message ---
--- Begin Message ---
Version: 0.8-8
On Tue, 4 May 2010 01:30:21 -0400 Joey Hess <[email protected]> wrote:
> Package: avahi-daemon
> Version: 0.6.25-3
> Severity: normal
> Tags: security
>
> /var/run/avahi-daemon/pid is writable by the avahi user. Suppose this
> user is compromised. If the pid is overwritten with a different process
> id, such as 1, /etc/init.d/avahi-daemon stop will go ahead and kill
> that.
>
> start-stop-daemon avoids this kind of security flaw by checking
> /proc/pid/exe (when run with -exec), or at least the process name (when
> run with -name). avahi's init script uses avahi -k, which neglects such
> checking.
>
> Besides the (admittedly unlikely since if you can shell avahi you
> probably have better things to do) security hole, killing a process that
> is stored in a pid file without checking that the pid file is accurate
> is asking for trouble.

We no longer ship/support the SysV init script since 0.8-8, so closing the issue accordingly.

The systemd service unit for avahi-daemon does not make use of pid files.

Michael



--- End Message ---
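
The check the report credits to start-stop-daemon, comparing /proc/<pid>/exe with the expected binary before signalling, written out as an added shell example. It is not code from avahi, its init script or start-stop-daemon, and the function names (pid_from_file, pid_runs_exe, safe_stop) are hypothetical.

```shell
#!/bin/sh
# Added example (not avahi or Debian code). Linux-only: uses /proc/<pid>/exe.

# pid_from_file FILE: print the pid only if FILE is a regular file holding a
# single positive decimal integer. Rejects "-1", "0", "1 2", "12abc", symlinks.
pid_from_file() {
    [ -f "$1" ] && [ ! -L "$1" ] || return 1
    pid='' rest=''
    read -r pid rest < "$1" || [ -n "$pid" ] || return 1
    [ -z "$rest" ] || return 1
    case "$pid" in
        ''|0*|*[!0-9]*) return 1 ;;
    esac
    printf '%s\n' "$pid"
}

# pid_runs_exe PID EXE: succeed only if the process image of PID is EXE.
# Fails closed when /proc/PID/exe is unreadable, gone, or marked " (deleted)".
pid_runs_exe() {
    actual=$(readlink "/proc/$1/exe" 2>/dev/null) || return 1
    expected=$(readlink -f "$2" 2>/dev/null) || return 1
    [ "$actual" = "$expected" ]
}

# safe_stop PIDFILE EXE [SIGNAL]: signal the daemon only when both checks pass.
# Returns 2 for an unusable pid file, 3 when the pid belongs to another program.
safe_stop() {
    target=$(pid_from_file "$1") || { echo "refusing: bad pid file $1" >&2; return 2; }
    pid_runs_exe "$target" "$2" || { echo "refusing: pid $target is not $2" >&2; return 3; }
    kill "-${3:-TERM}" "$target"
}
```

The check and the signal are separate steps, so a pid recycled between them can still be hit; the example narrows that window rather than closing it.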
_______________________________________________
Pkg-utopia-maintainers mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-utopia-maintainers
