[Mimedefang] Privilege escalation via PID file manipulation

[Dianne Skoll]

Hi,

> The MIMEDefang daemons should create their PID files before dropping
> privileges. This represents a minor security issue; additional factors
> are needed to make it exploitable.

I have made a patch to open the PID files as root.  However, since the
process has to keep the file descriptor open in order not to lose the
file lock, it doesn't completely eliminate the chance of an exploit.

I will post the patch in a little while, once I have thoroughly tested it.

Regards,

Dianne.