Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 494222 Details for
Bug 630796
dev-db/couchdb: privilege escalation via PID file manipulation
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
couchdb.init-5
couchdb (text/plain), 1.18 KB, created by
Michael Orlitzky
on 2017-09-12 12:17:26 UTC
(
hide
)
Description:
couchdb.init-5
Filename:
MIME Type:
Creator:
Michael Orlitzky
Created:
2017-09-12 12:17:26 UTC
Size:
1.18 KB
patch
obsolete
>#!/sbin/openrc-run ># Copyright 1999-2017 Gentoo Foundation ># Distributed under the terms of the GNU General Public License v2 > >pidfile="/run/${RC_SVCNAME}.pid" >command="/usr/bin/couchdb" > ># CouchDB can't drop privileges on its own, so it's not possible to ># run it as a restricted user and still make use of the PID file that ># it creates. Instead, we run the daemon in the foreground, and let ># OpenRC background it and manage its PID file. >command_args="-o ${COUCHDB_STDOUT_FILE} > -e ${COUCHDB_STDERR_FILE} > ${COUCHDB_OPTIONS}" >command_user="${COUCHDB_USER}" >command_background="true" > >start_pre() { > # While the PID file is stored directly in /run, the default.init > # file that we ship specifies another setting, > # > # uri_file = /var/run/couchdb/couch.uri > # > # that requires this directory to be writable by the CouchDB user. > # > # WARNING: that default.ini file is writable by $COUCHDB_USER, so > # it is NOT safe to parse the setting out of it and then call > # "checkpath" on what we find as root. The $COUCHDB_USER could > # trick us into giving away ownership of an arbitrary directory > # that way. > checkpath --directory \ > --mode 0755 \ > --owner "${COUCHDB_USER}" \ > /var/run/couchdb >}
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Actions:
View
Attachments on
bug 630796
:
494220
| 494222