I opted for #2, since it requires no changes to existing start/stop scripts.
> 2. Enforce the sticky bit on the var directory. From Solaris' chmod(2)
> manpage:
>
> If a directory is writable and has S_ISVTX (the sticky bit)
> set, files within that directory can be removed o
I opted for #2, since it requires no changes to existing start/stop scripts.
> 2. Enforce the sticky bit on the var directory. From Solaris' chmod(2)
> manpage:
>
> If a directory is writable and has S_ISVTX (the sticky bit)
> set, files within that directory can be removed or r
Behrens Matt - Grand Rapids wrote:
> [snipped enlightening description of the zope user writable z2.pid problem]
>
> Solutions:
>
> 1. Have the stop script check ownership of the pid file to make sure
> it's still root's baby. This solution seems easiest, but something
> about it doesn't s