Re: pid file security

To: debian-devel@lists.debian.org
Subject: Re: pid file security
From: Philipp Kern <trash@philkern.de>
Date: Tue, 4 May 2010 09:47:39 +0000 (UTC)
Message-id: <[🔎] slrnhtvr9r.m67.trash@kelgar.0x539.de>
Reply-to: phil@philkern.de
References: <[🔎] 20100504062525.GA12640@gnu.kitenet.net> <[🔎] 201005041000.13181.tiposchi@tiscali.it>

On 2010-05-04, Salvo Tomaselli <tiposchi@tiscali.it> wrote:
> On Tuesday 04 May 2010 08:25:25 Joey Hess wrote:
>> Take a look in /var/run. Find a pid file that is owned by a non-root
>> user. Now, look at the corresponding init script. What does it stop if
>> that non-root user edited the pid file to contain '1'?
> The fact that they are not owned by root doesn't mean you can edit them, they 
> would probably be owned by a specific user for that daemon and will not have 
> write access for others.

So if I trick the daemon to write 1 to that file it's ok?

Sure, tricking a program into doing something the admin didn't
intend is a bug in itself, still we shouldn't leave that hole
open.  (Putting the PID file a-w might help with that, though,
no?)

Kind regards,
Philipp Kern

Reply to:

References:
- pid file security
  - From: Joey Hess <joeyh@debian.org>
- Re: pid file security
  - From: Salvo Tomaselli <tiposchi@tiscali.it>

Prev by Date: Re: Confused by .la file removal vs static linking support
Next by Date: Bug#580216: ITP: libhtml-formhandler-perl -- Form handler written in Moose
Previous by thread: Re: pid file security
Next by thread: Re: pid file security
Index(es):
- Date
- Thread