Re: World writable pid and lock files.

To: helpermn <helpermn@gmail.com>
Cc: debian-security@lists.debian.org
Subject: Re: World writable pid and lock files.
From: Henrique de Moraes Holschuh <hmh@debian.org>
Date: Tue, 10 May 2011 11:10:57 -0300
Message-id: <[🔎] 20110510141057.GA5522@khazad-dum.debian.net>
In-reply-to: <[🔎] 05578BFF-44FC-41B3-9E8E-C11B5B9A6C11@gmail.com>
References: <[🔎] 05578BFF-44FC-41B3-9E8E-C11B5B9A6C11@gmail.com>

On Tue, 10 May 2011, helpermn wrote:
> I imagine why files listed below have 666 file mode bits set:
> /var/run/checkers.pid
> /var/run/vrrp.pid
> /var/run/keepalived.pid
> /var/run/starter.pid
> /var/lock/subsys/ipsec
> 
> Files are created during startup of ipsec (pluto) and keepalived
> deamons.
> 
> I think thar leaving them world writable is security hole. For
> example delete or change of its content could confuses monit
> watching them running and restarting when they die.

You could get the initscripts to send signals to any PID you want, so
yes, it is a nasty security issue.

-- 
  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh

Reply to:

Follow-Ups:
- Re: World writable pid and lock files.
  - From: helpermn <helpermn@gmail.com>

References:
- World writable pid and lock files.
  - From: helpermn <helpermn@gmail.com>

Prev by Date: World writable pid and lock files.
Next by Date: Re: [SECURITY] [DSA 2233-1] postfix security update
Previous by thread: World writable pid and lock files.
Next by thread: Re: World writable pid and lock files.
Index(es):
- Date
- Thread