The init script for charybdis uses mkdir, chown, and chmod to create and set permissions on its runtime directory: start() { if ! [ -d /var/run/charybdis ]; then ebegin "Creating /var/run/charybdis for ${SVCNAME}" mkdir /var/run/charybdis \ && chown :charybdis /var/run/charybdis \ && chmod 770 /var/run/charybdis eend $? fi Using "checkpath" (man openrc-run) is more portable (it's part of OpenRC), and slightly more secure. The chown/chmod utilities follow symlinks, so if root:root ever loses control of that path, the charybdis user can replace /var/run/charybdis with a symlink and gain ownership of the target.
# Michał Górny <mgorny@gentoo.org> (05 Jun 2017) # (on behalf of Treecleaner project) # Unmaintained in Gentoo. Security vulnerability. # Removal in 30 days. Bug #562896. net-irc/charybdis
commit b6e6234008767ec82ed0fb1642b3f933d94e5f8f Author: Michał Górny <mgorny@gentoo.org> AuthorDate: Wed Jul 5 12:32:14 2017 Commit: Michał Górny <mgorny@gentoo.org> CommitDate: Wed Jul 5 12:35:23 2017 net-irc/charybdis: Remove last-rited pkg, #562896
