|
Message-ID: <2199434f-d7b6-0d01-9fbc-ed2d013a09d3@orlitzky.com> Date: Fri, 18 Aug 2017 13:12:03 -0400 From: Michael Orlitzky <michael@...itzky.com> To: oss-security@...ts.openwall.com Subject: Re: CVE-2017-12847: nagios-core privilege escalation via PID file manipulation On 08/16/2017 06:17 PM, Daniel Kahn Gillmor wrote: > On Wed 2017-08-16 12:10:09 -0400, Michael Orlitzky wrote: >> The problem is avoided by creating the PID file as root, before >> dropping privileges. > > The problem can also be avoided by not using PID files at all, and > relying instead on a service manager that actually keeps track of its > children using more robust means (like wait() and SIGCHLD). > I'm scared to reply because this is guaranteed to turn into a "you should just use systemd, grandpa" holy war. If we had it all to do over again, I would probably agree with you. But there are still users with simple init systems, and many of those users are happy (or stuck) that way. If you want to convince upstreams to delete their PID file code and drop support for the associated init systems, you'll have to offer them something to make up for the users they'll lose. For some projects, "the code gets simpler and to hell with those users" will suffice. But for big projects where actual money is involved, you'll have a harder time.
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.