[Pkg-utopia-maintainers] Bug#580183: Bug#580183: pid file attack can be used to kill arbitrary processes
Lennart Poettering
lennart at poettering.net
Thu Jul 8 20:02:44 UTC 2010
On Wed, 07.07.10 19:08, Joey Hess (joeyh at debian.org) wrote:
> Lennart Poettering wrote:
> > PID files are simply broken. We probably shouldn't use them anyway, and
> > alway rely on the bus name instead.
>
> And the current situation is that, in Debian, avahi currently uses a pid
> file without even the arguably broken checks that start-stop-daemon makes.
> And, even if systemd eventually solves the problem for avahi, Debian has
> architectures where systemd will probably never run, but avahi does.
Well, from my perspective this is barely fixable, and the right fix is
using systemd. Also, I don't care von non-Linux systems really. If some
people do care about about them, then it is them who need to come up
with patches which when good I'll then merge.
Lennart
--
Lennart Poettering - Red Hat, Inc.
More information about the Pkg-utopia-maintainers
mailing list