Excerpts from Joey Hess's message of Tue May 04 06:43:01 +0100 2010:
> Note that beyond the possibility this could be used as a security
> hole, things go wrong, pid files end up with stale data in them.
> Blindly killing w/o checking is asking for trouble.

Valid points. Perhaps a solution would be to switch the init script to
using prosodyctl, which checks that the pidfile is locked before killing -
Prosody (as of 0.6.2) keeps the pidfile locked during running, and removes
it on shutdown.

This would just leave a corner case when Prosody crashes, and leaves a
stale pidfile, or as you suggest, the prosody user is completely compromised.
However since prosodyctl always switches to the prosody user before killing,
this shouldn't be a problem?

On the other hand - wouldn't just passing -exec /usr/bin/prosody to s-s-d
fix everything anyway?

Thoughts?

Thanks,
Matthew
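
The two checks discussed in this message, written out as an added example (it is not part of the message and not code from prosodyctl or start-stop-daemon): only return a PID to signal when the pidfile is locked by a live process and that process's `/proc/<pid>/exe` matches the expected binary. It assumes Linux, a POSIX fcntl lock on the pidfile, and a checker running as the daemon's user; the function names are hypothetical.

```python
import errno
import fcntl
import os
import sys


def pidfile_holder(path):
    """Return the PID recorded in `path` if another live process holds a
    lock on the file; return None for a missing, unlocked or garbled pidfile."""
    try:
        fd = os.open(path, os.O_RDWR)  # lockf(LOCK_EX) needs write access
    except FileNotFoundError:
        return None
    try:
        try:
            fcntl.lockf(fd, fcntl.LOCK_EX | fcntl.LOCK_NB)
        except OSError as exc:
            if exc.errno not in (errno.EACCES, errno.EAGAIN):
                raise
            # Lock refused: a running process owns the pidfile.
            text = os.read(fd, 32).decode("ascii", "replace").strip()
            return int(text) if text.isdigit() else None
        # We obtained the lock, so nobody holds it: the contents are stale.
        fcntl.lockf(fd, fcntl.LOCK_UN)
        return None
    finally:
        os.close(fd)


def pid_to_signal(path, expected_exe):
    """Return a PID only if the pidfile is locked AND that process runs
    `expected_exe` (the test start-stop-daemon's --exec applies on Linux)."""
    pid = pidfile_holder(path)
    if pid is None:
        return None
    try:
        # For an interpreted daemon this link names the interpreter binary.
        actual = os.readlink(f"/proc/{pid}/exe")
    except OSError:  # process gone, or not ours to inspect
        return None
    return pid if actual == expected_exe else None


if __name__ == "__main__":
    # Usage: check.py PIDFILE EXPECTED_EXE   (both supplied by the caller)
    target = pid_to_signal(sys.argv[1], sys.argv[2])
    print(target if target is not None else "refusing to signal: no verified owner")
```

The check and a later kill are not atomic, so PID reuse between the two remains a narrow race.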


