tag 626281 upstream
thanks

Hi,
today I got a bug report about a security problem in keepalived. It seems that the keepalived daemonize code explicitly sets umask(0), which leads to interesting results:

-rw-rw-rw- 1 root root 6 2010-11-24 00:12 keepalived.pid
-rw-rw-rw- 1 root root 5 2011-02-08 13:00 keepalived.pid
-rw-rw-rw- 1 root root 5 2011-02-08 13:00 vrrp.pid

Read-write permissions on the pidfile of a daemon are a really bad idea. A umask of 000 is probably never a good idea. So I think removing those lines from keepalived/check/check_daemon.c, keepalived/core/daemon.c and keepalived/vrrp/vrrp_daemon.c.

Alex

--
Alexander Wirt, formo...@formorer.de
CC99 2DDD D39E 75B0 B0AA B25C D35B BC99 BC7D 020A
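
The effect described in the report above, as an added example that is not part of the original message and is not keepalived code: a pidfile created with fopen() gets mode 0666 minus the umask, so umask(0) leaves it world-writable, while open() with an explicit 0644 mode does not depend on the umask being sane. The helper names and the /tmp path are assumptions made for the demonstration.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper: write a pidfile with fopen("w"), which requests
 * mode 0666, under the given umask. Returns the permission bits or -1. */
int pidfile_mode_fopen(const char *path, mode_t mask)
{
    struct stat st;
    mode_t old = umask(mask);      /* umask(0) is what the report describes */
    unlink(path);                  /* mode is only applied on creation */
    FILE *f = fopen(path, "w");
    umask(old);
    if (!f) return -1;
    fprintf(f, "%d\n", (int)getpid());
    fclose(f);
    if (stat(path, &st) != 0) return -1;
    return (int)(st.st_mode & 0777);
}

/* Hypothetical hardened variant: request 0644 explicitly; O_EXCL makes
 * creation fail if the path already exists (including as a symlink). */
int pidfile_mode_open(const char *path, mode_t mask)
{
    struct stat st;
    char buf[32];
    mode_t old = umask(mask);
    unlink(path);
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL, 0644);
    umask(old);
    if (fd < 0) return -1;
    int n = snprintf(buf, sizeof buf, "%d\n", (int)getpid());
    if (write(fd, buf, (size_t)n) != n) { close(fd); return -1; }
    if (fstat(fd, &st) != 0) { close(fd); return -1; }
    close(fd);
    return (int)(st.st_mode & 0777);
}

int main(void)
{
    const char *p = "/tmp/umask_demo.pid";   /* constructed demo path */
    printf("fopen, umask 000:     %03o\n", pidfile_mode_fopen(p, 0));
    printf("fopen, umask 022:     %03o\n", pidfile_mode_fopen(p, 022));
    printf("open 0644, umask 000: %03o\n", pidfile_mode_open(p, 0));
    unlink(p);
    return 0;
}
```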