On Tue, 10 May 2011, Henrique de Moraes Holschuh <hmh@debian.org> wrote:
> On Tue, 10 May 2011, helpermn wrote:
> > I imagine why files listed below have 666 file mode bits set:
> > /var/run/checkers.pid
> > /var/run/vrrp.pid
> > /var/run/keepalived.pid
> > /var/run/starter.pid
> > /var/lock/subsys/ipsec
> > ....
>
> You could get the initscripts to send signals to any PID you want, so yes, it is a nasty security issue.
So what is a solution? Could I/you/someone report this somewhere? Maybe the Debian bug tracker?
-- helpermn
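
An audit for the condition discussed in this thread, as an added example that is not part of the original messages: it lists world-writable files under runtime directories and shows a check an initscript could apply before signalling a PID read from a pidfile. The function names and the default expected owner (`root`) are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not code from the thread or from any package named in it.

# Print regular files under the given directories that are writable by
# "other" (the 666 case reported above).
find_world_writable() {
    for dir in "$@"; do
        [ -d "$dir" ] || continue
        find "$dir" -xdev -type f -perm -0002 -print 2>/dev/null
    done
}

# Return 0 only if a pidfile is safe for an initscript to act on:
#   - a regular file, not a symlink
#   - owned by the expected user (name or numeric uid, default: root)
#   - not writable by group or other
#   - containing nothing but a decimal PID greater than 1
pidfile_is_trustworthy() {
    f=$1
    owner=${2:-root}
    [ -f "$f" ] && [ ! -L "$f" ] || return 1
    # Owner must match.
    [ -n "$(find "$f" -prune -user "$owner" -print 2>/dev/null)" ] || return 1
    # No group/other write bit may be set.
    [ -z "$(find "$f" -prune \( -perm -0020 -o -perm -0002 \) -print)" ] || return 1
    pid=$(cat "$f") || return 1
    case $pid in
        ''|*[!0-9]*) return 1 ;;   # empty, or anything other than digits
    esac
    [ "$pid" -gt 1 ] || return 1   # never signal PID 0 or init
    return 0
}

# Stand-alone use: sh audit.sh /var/run /var/lock
if [ "$#" -gt 0 ]; then
    find_world_writable "$@"
fi
```

Files reported by `find_world_writable` can be tightened with `chmod o-w`, but the lasting fix belongs in whatever creates them with mode 666.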