[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#8703) slapd should create its PID file before dropping privileges

On Fri, Jul 28, 2017 at 07:35:47PM +0000, michael@orlitzky.com wrote:
>The slapd daemon should create its PID file before dropping privileges. This
>represents a minor security issue; additional factors are needed to make it

If I understood you correctly, "Additional factors are needed" basically 
means you have to find a code execution vulnerability in slapd? At that 
point I think you can do much more interesting things - pretending that 
your user is uid 0, or in various admin groups are only the first ideas 
that come to mind.

If you would like to propose a patch, we could review that. For myself I 
don't think I would attach a high priority to this.

Howard pointed out on IRC that if the directory containing the pid file 
is sticky, making it owned by root means slapd can no longer remove it 
on exit. I'm not sure how common that is but it's a setup that works 
right now.