Bug 631720 (CVE-2017-14681) - mail-filter/p3scan: privilege escalation via PID file manipulation
Summary: mail-filter/p3scan: privilege escalation via PID file manipulation
Status: RESOLVED FIXED
Alias: CVE-2017-14681
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
Importance: Normal trivial
Assignee: Gentoo Security
URL: https://sourceforge.net/p/p3scan/bugs...
Whiteboard: ~3 [noglsa cve]
Reported: 2017-09-22 12:14 UTC by Michael Orlitzky
Modified: 2018-04-29 17:53 UTC

Description Michael Orlitzky gentoo-dev 2017-09-22 12:14:34 UTC
The p3scan daemon creates its PID file after dropping privileges to a non-root user. That may be exploited (through init scripts or other management tools) by the unprivileged user to kill root processes, since when the daemon is stopped, root usually sends a SIGTERM to the contents of the PID file (which are under the control of the runtime user). P3Scan itself ships two init scripts vulnerable to this attack. Our OpenRC init script is also vulnerable.

There is no good workaround for this one, and upstream is dead, so the best we can do is try to verify the PID file data in the init script. You can get the user and program name associated with a PID by,

  ps -p <pid> -o user=

and

  ps -p <pid> -o comm=

The output of those commands can be checked against the expected values before signaling the process.
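An added example, not code from the bug report, p3scan or Gentoo's init script: a POSIX sh stop routine that applies the check described above before signalling. It assumes a daemon running as user p3scan with command name p3scan, and compares the numeric uid via ps -o uid= instead of user=, because ps prints a decimal uid when a long user name does not fit its column.

```shell
#!/bin/sh
# Added example, not p3scan's or Gentoo's code: validate a PID file written by
# an unprivileged daemon before a root init script signals whatever it names.
# Assumed defaults for the usage line at the bottom: user and command "p3scan".

# Strip the padding ps puts around its columns.
trim() { sed 's/^[[:space:]]*//; s/[[:space:]]*$//'; }

# check_pidfile FILE USER COMM
# Prints the PID when FILE holds one positive integer naming a live process
# whose effective uid is USER's and whose command name is COMM; returns 1
# otherwise, so a forged or stale PID file is never acted on.
check_pidfile() {
    pidfile=$1 want_user=$2 want_comm=$3
    pid=
    read -r pid 2>/dev/null < "$pidfile" || [ -n "$pid" ] || return 1
    case $pid in
        ''|*[!0-9]*) return 1 ;;   # empty, "1 2", "-1", or other junk
    esac
    # A PID of 0 would make kill(1) signal the caller's own process group.
    [ "$pid" -gt 0 ] || return 1
    want_uid=$(id -u "$want_user" 2>/dev/null) || return 1
    # Same lookups as `ps -p PID -o user=` / `-o comm=` in the report; uid= is
    # used because ps prints a decimal uid when a long name does not fit.
    got_uid=$(ps -p "$pid" -o uid= 2>/dev/null | trim)
    got_comm=$(ps -p "$pid" -o comm= 2>/dev/null | trim)
    [ -n "$got_uid" ] && [ "$got_uid" = "$want_uid" ] || return 1
    [ "$got_comm" = "$want_comm" ] || return 1
    printf '%s\n' "$pid"
}

# stop_daemon FILE USER COMM: send SIGTERM only if the PID file checks out.
stop_daemon() {
    pid=$(check_pidfile "$1" "$2" "$3") || {
        echo "stop: refusing to signal; $1 does not name a live $3 owned by $2" >&2
        return 1
    }
    kill -TERM "$pid"
}

# Typical init-script call (assumed path):
#   stop_daemon /var/run/p3scan/p3scan.pid p3scan p3scan
```

The check narrows the window rather than closing it: a PID can be reused between the lookup and the kill, so a daemon that writes its PID file before dropping privileges remains the real fix.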
Comment 1 Christopher Díaz Riveros (RETIRED) gentoo-dev Security 2017-10-31 17:24:45 UTC
@Maintainers please let us know when the fix is added to our ebuild.

Thank you
Comment 2 Michael Orlitzky gentoo-dev 2018-01-06 17:08:44 UTC
Is anyone still using this? In my little corner of the mail world, the concept of a POP3 proxy is pretty outdated, and upstream has been dead for a while. The latest release was 3.0_rc1 in 2008. If no one cares, we can just treeclean it.
Comment 3 Pacho Ramos gentoo-dev 2018-04-29 17:25:11 UTC
removed