Bug#960108: proftpd-basic: proftpd write pidfile with incorrect mode
votdev
votdev at gmx.de
Sat May 9 14:29:24 BST 2020
Package: proftpd-basic
Version: 1.3.6-4+deb10u5
Severity: important
The proftpd daemon writes the pidfile with mode 0666 instead of 0644.
Because of that it is
not possible to stop or restart the daemon with "systemctl stop proftpd" or
"systemctl restart proftpd". The reason is the new security check of
start-stop-deamon
in conjunction with --pidfile.
The following error will be logged to syslog.
Mai 09 14:42:30 titan proftpd[1296]: Stopping ftp server:
proftpdstart-stop-daemon: matching on world-writable pidfile
/run/proftpd.pid is insecure
Mai 09 14:42:30 titan proftpd[1296]: start-stop-daemon: matching on
world-writable pidfile /run/proftpd.pid is insecure
-- System Information:
Debian Release: 10.4
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 5.5.0-0.bpo.2-amd64 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8),
LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages proftpd-basic depends on:
ii adduser 3.118
ii debianutils 4.8.6.1
ii libacl1 2.2.53-4
ii libattr1 1:2.4.48-4
ii libc6 2.28-10
ii libcap2 1:2.25-2
ii libhiredis0.14 0.14.0-3
ii libmemcached11 1.0.18-4.2
ii libmemcachedutil2 1.0.18-4.2
ii libncursesw6 6.1+20181013-2+deb10u2
ii libpam-runtime 1.3.1-5
ii libpam0g 1.3.1-5
ii libpcre3 2:8.39-12
ii libssl1.1 1.1.1d-0+deb10u3
ii libtinfo6 6.1+20181013-2+deb10u2
ii libwrap0 7.6.q-28
ii lsb-base 10.2019051400
ii netbase 5.6
ii sed 4.7-1
ii ucf 3.0038+nmu1
ii zlib1g 1:1.2.11.dfsg-1
Versions of packages proftpd-basic recommends:
pn proftpd-doc <none>
Versions of packages proftpd-basic suggests:
pn openbsd-inetd | inet-superserver <none>
ii openssl 1.1.1d-0+deb10u3
pn proftpd-mod-geoip <none>
pn proftpd-mod-ldap <none>
pn proftpd-mod-mysql <none>
pn proftpd-mod-odbc <none>
pn proftpd-mod-pgsql <none>
pn proftpd-mod-snmp <none>
pn proftpd-mod-sqlite <none>
-- Configuration Files:
/etc/ftpusers changed [not included]
-- no debconf information
More information about the Pkg-proftpd-maintainers
mailing list