[Mimedefang] Privilege escalation via PID file manipulation
dfs at roaringpenguin.com
Thu Aug 31 13:01:33 EDT 2017
On Thu, 31 Aug 2017 12:11:05 -0400
Michael Orlitzky <michael at orlitzky.com> wrote:
> Hmmm, in that case, maybe the PID file is being reused for a purpose
> that it isn't really suited for? The contents of the PID file are
> slightly sensitive, since init scripts tend to trust them -- but the
> contents of a lock file aren't. Would it make more sense to have a
> separate lock file, whose only purpose is to prevent multiple daemons
> from starting (and not to provide info to an init system)?
That makes sense. I'll do it that way.
Thanks for alerting me to this.
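The separation proposed in the quoted message, as an added example that is not part of the original post and is not MIMEDefang's code: a dedicated lock file held with flock() decides whether another instance is running, while the PID file is only written for the init system and is never read back for locking. The function names and the /tmp paths are hypothetical, and writing the PID file before any privilege drop is an assumption of this sketch.

```c
/* Added example: single-instance lock kept separate from the PID file. */
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/file.h>
#include <sys/types.h>
#include <unistd.h>

/* Take an exclusive, non-blocking lock on lock_path (hypothetical helper).
 * Returns an fd the daemon keeps open for its lifetime, or -1 on error or
 * when another instance holds the lock (errno == EWOULDBLOCK). */
int acquire_instance_lock(const char *lock_path)
{
    /* O_NOFOLLOW refuses a symlink planted at the lock path;
     * O_CLOEXEC keeps the lock from leaking into exec'd children. */
    int fd = open(lock_path, O_RDWR | O_CREAT | O_NOFOLLOW | O_CLOEXEC, 0600);
    if (fd < 0) return -1;
    if (flock(fd, LOCK_EX | LOCK_NB) != 0) {
        int saved = errno;      /* close() may overwrite errno */
        close(fd);
        errno = saved;
        return -1;
    }
    return fd;  /* the kernel drops the lock when the process exits */
}

/* Write the PID for the init system only (hypothetical helper). The file's
 * contents play no part in the "already running?" decision above. */
int write_pid_file(const char *pid_path, pid_t pid)
{
    int fd = open(pid_path, O_WRONLY | O_CREAT | O_TRUNC | O_NOFOLLOW | O_CLOEXEC,
                  0644);
    if (fd < 0) return -1;
    int ok = dprintf(fd, "%ld\n", (long)pid) > 0;
    return (close(fd) == 0 && ok) ? 0 : -1;
}

int main(void)
{
    /* Constructed paths for the demo; a real daemon would use its run dir. */
    int lock = acquire_instance_lock("/tmp/example-daemon.lock");
    if (lock < 0) { perror("instance lock"); return 1; }
    if (write_pid_file("/tmp/example-daemon.pid", getpid()) != 0) return 1;
    /* Assumption: privileges are dropped only after this point. */
    return 0;
}
```

Because the lock lives in the kernel and not in the file's contents, a stale or tampered lock file cannot block startup or redirect a signal.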