Openswan 2.2.x does not properly restrict permissions for (1)
/var/run/starter.pid, related to starter.c in the IPsec starter, and (2)
/var/lock/subsys/ipsec, which allows local users to kill arbitrary processes
by writing a PID to a file, or possibly bypass disk quotas by writing
arbitrary data to a file, as demonstrated by files with 0666 permissions, a
different vulnerability than CVE-2011-1784.
Adding to GLSA request with bug 389097.
This issue was resolved and addressed in
GLSA 201203-13 at http://security.gentoo.org/glsa/glsa-201203-13.xml
by GLSA coordinator Sean Amoss (ackle).