[Mimedefang] Privilege escalation via PID file manipulation

Dianne Skoll dfs at roaringpenguin.com
Thu Aug 31 13:01:33 EDT 2017

On Thu, 31 Aug 2017 12:11:05 -0400
Michael Orlitzky <michael at orlitzky.com> wrote:

> Hmmm, in that case, maybe the PID file is being reused for a purpose
> that it isn't really suited for? The contents of the PID file are
> slightly sensitive, since init scripts tend to trust them -- but the
> contents of a lock file aren't. Would it make more sense to have a
> separate lock file, whose only purpose is to prevent multiple daemons
> from starting (and not to provide info to an init system)?

That makes sense.  I'll do it that way.

Thanks for alerting me to this.



More information about the MIMEDefang mailing list