Vincent Bernat wrote on Tuesday, 10 May 2011:
> OoO Towards the end of the afternoon of Tuesday 10 May 2011, around 16:52,
> Alexander Wirt <formo...@debian.org> said:
>
> > today I got a bug report about a security problem in keepalived. It seems that
> > keepalived daemonize code explicitly sets umask(0) which leads to interesting
> > results:
>
> > -rw-rw-rw- 1 root root 6 2010-11-24 00:12 keepalived.pid
> > -rw-rw-rw- 1 root root 5 2011-02-08 13:00 keepalived.pid
> > -rw-rw-rw- 1 root root 5 2011-02-08 13:00 vrrp.pid
>
> > Readwrite permissions to the pidfile of a daemon is a really bad idea. a
>
> umask(0) is a classic way to daemonize a process. See:
> http://www.unixguide.net/unix/programming/1.7.shtml

Yeah, but in days of defensive programming you normally prevent such things.
I haven't checked other files, but everything that uses fopen creates files
with 666. We should be permissive by default.

> The problem is with fopen() that does not allow to set a mode. Maybe
> we should use creat() before fopen()?

Sure that would work, but we should also check every fopen call to see if we
have other problems.
Alex