| Summary: | net-irc/unrealircd: init script should use checkpath instead of mkdir/chown/chmod | ||
|---|---|---|---|
| Product: | Gentoo Linux | Reporter: | Michael Orlitzky <mjo> |
| Component: | Current packages | Assignee: | Nathan Phillip Brink (binki) (RETIRED) <binki> |
| Status: | RESOLVED OBSOLETE | ||
| Severity: | normal | ||
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
Obsoleted by bug 628434. |
The init script for unrealircd creates its PID file directory with, if ! [ -d "${UNREALIRCD_PIDFILEDIR}" ]; then ebegin "Creating ${UNREALIRCD_PIDFILEDIR} for ${SVCNAME}" mkdir "${UNREALIRCD_PIDFILEDIR}" \ && chown :unrealircd "${UNREALIRCD_PIDFILEDIR}" \ && chmod 770 "${UNREALIRCD_PIDFILEDIR}" A single unconditional call to "checkpath" from OpenRC (man openrc-run) would be better. It's more portable, being part of OpenRC, and more secure: chown and chmod affect the *target* of symlinks, so if root:root ever loses full control of that path, then the unrealircd user could trick root (via the init script) into giving him ownership of any file on the system.