[Secure-testing-team] Bug#626281: pid file has wrong permissions
Martin Zobel-Helas
zobel at debian.org
Tue May 10 14:33:29 UTC 2011
Package: keepalived
Version: 1.1.12-1
Severity: grave
Tags: security
Hi,
keepalive writes a public writeable pid file to /var/run
-rw-rw-rw- 1 root root 5 2011-02-08 13:00 keepalived.pid
Cheers,
Martin
reference: http://lists.debian.org/05578BFF-44FC-41B3-9E8E-C11B5B9A6C11@gmail.com
-- System Information:
Debian Release: wheezy/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.38-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
--
Martin Zobel-Helas <zobel at debian.org> | Debian System Administrator
Debian & GNU/Linux Developer | Debian Listmaster
GPG key http://go.debian.net/B11B627B |
GPG Fingerprint: 6B18 5642 8E41 EC89 3D5D BDBB 53B1 AC6D B11B 627B
More information about the Secure-testing-team
mailing list