The Kannel daemons create their PID files after dropping privileges to a non-root user. That may be exploited (through init scripts or other management tools) by the unprivileged user to kill root processes, since when a daemon is stopped, root usually sends a SIGTERM to the contents of its PID file (which are under the control of the runtime user). Our OpenRC init scripts suffer from this vulnerability. I did actually get a response from upstream on this (see the bug report), but so far he's not convinced that my proposed solution is the right one. On the other hand, Kannel ships two vulnerable debian/*.init scripts, so punting to the init script author isn't a no-effort option for them. We can wait and see what happens. If the bug sits on the vine for too long, we do have a workaround available: run the daemon in the foreground, and have it write the PID files somewhere where they will be completely ignored. Then, have OpenRC background the processes and manage their real PID files (which happens securely) under /run.
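
The trust problem described in the report above, as an added example that is not part of the bug report and is not code from Kannel or from Gentoo's init scripts: a check a privileged stop routine could run before signalling the PID named in a PID file. The function name `pidfile_safe_to_signal` is hypothetical, and GNU coreutils `stat -c` is assumed.

```shell
#!/bin/sh
# Added example: decide whether a PID file can be trusted before a
# privileged process sends a signal to the PID it names.
# Assumes GNU coreutils `stat -c`; the function name is hypothetical.

# Usage: pidfile_safe_to_signal FILE [TRUSTED_UID]
# Returns 0 only if FILE and its directory are owned by TRUSTED_UID
# (default 0, root), neither is group- or world-writable, and FILE
# holds a single decimal PID greater than 1.
pidfile_safe_to_signal() {
    pf=$1
    trusted=${2:-0}

    # A symlink could redirect the read to a file someone else controls.
    if [ -L "$pf" ]; then return 1; fi
    [ -f "$pf" ] || return 1

    dir=$(dirname -- "$pf")
    for path in "$dir" "$pf"; do
        owner=$(stat -c '%u' -- "$path") || return 1
        mode=$(stat -c '%a' -- "$path") || return 1
        # Owner must be the trusted user, not the daemon's runtime user.
        [ "$owner" = "$trusted" ] || return 1
        # No group or other write bits (octal 022).
        [ $(( 0$mode & 022 )) -eq 0 ] || return 1
    done

    # Contents: at most one line, decimal digits only, never PID 0 or 1.
    [ "$(wc -l < "$pf")" -le 1 ] || return 1
    pid=$(cat -- "$pf")
    case $pid in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$pid" -gt 1 ] || return 1
    return 0
}
```

A PID file written by the daemon after it drops privileges fails the ownership test, which is the condition the report describes. A check like this still leaves a window between the test and the signal.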
This doesn't seem to have been maintained since Gentoo converted to Git. CCing treecleaners.
Removed in https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7d441d1f18512fe4506528811613df8f802d2e51. No GLSA. Closing.