[Mimedefang] Privilege escalation via PID file manipulation

Dianne Skoll dfs at roaringpenguin.com
Thu Aug 31 16:04:20 EDT 2017


The patch I posted earlier does not completely fix the problem.

True, the pid file is owned by root, but it's created in a directory
owned by defang, so there's still a way for the "defang" user to
subvert this.

I will have a patch by tomorrow that separates out the pid file (which
will be root-owned in a root-owned directory) from the lock file
(which can be defang-owned in a defang-owned directory.)
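The problem described in the message above, as an added example that is not part of the original post or of MIMEDefang's code: a check that walks from a pid file up to the filesystem root and reports every component an untrusted user could replace. The `/example/...` paths, uid 999 (standing in for the "defang" user) and the injectable `lstat` parameter are constructed for illustration.

```python
import os
import stat
from types import SimpleNamespace

def audit_pidfile_path(path, trusted_uids=(0,), lstat=os.lstat):
    """Return (component, reason) for each part of `path` that a user
    outside `trusted_uids` could modify, rename or replace."""
    findings = []
    # Resolve symlinks first so every component checked is a real entry.
    current = os.path.realpath(path)
    while True:
        st = lstat(current)
        writable = st.st_mode & (stat.S_IWGRP | stat.S_IWOTH)
        # The sticky bit on a directory stops non-owners from renaming or
        # unlinking entries they do not own (the /tmp case).
        sticky_dir = stat.S_ISDIR(st.st_mode) and st.st_mode & stat.S_ISVTX
        if st.st_uid not in trusted_uids:
            findings.append((current, "owned by uid %d" % st.st_uid))
        elif writable and not sticky_dir:
            findings.append((current, "group/other writable"))
        parent = os.path.dirname(current)
        if parent == current:  # reached the filesystem root
            break
        current = parent
    return findings

# Constructed layout: uid 999 stands in for the unprivileged "defang" user.
DIR, REG = stat.S_IFDIR, stat.S_IFREG
CONSTRUCTED = {
    "/": (0, DIR | 0o755),
    "/example": (0, DIR | 0o755),
    "/example/spool": (999, DIR | 0o750),
    "/example/spool/daemon.pid": (0, REG | 0o644),
    "/example/run": (0, DIR | 0o755),
    "/example/run/daemon.pid": (0, REG | 0o644),
}

def constructed_lstat(p):
    uid, mode = CONSTRUCTED[p]
    return SimpleNamespace(st_uid=uid, st_mode=mode)

if __name__ == "__main__":
    for pid in ("/example/spool/daemon.pid", "/example/run/daemon.pid"):
        print(pid, audit_pidfile_path(pid, lstat=constructed_lstat) or "ok")
```

The root-owned pid file under the uid-999 directory is still reported, because the directory's owner can unlink or rename entries in it regardless of who owns the file itself.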



