Re: apcupsd 3.7.2 Denial of Service

[nash <nash () ROHAN SDSU EDU>]

> Title:    apcupsd 3.7.2 Denial of Service
>
> Affected Application:    apcupsd daemon
...
> Problem:
>
> During startup apcupsd creates a PID-file named "apcupsd.pid" in /var/run
> (system specific, maybe other directory) with the ID of the daemon process,
> this PID-file is used by the shutdown-script to kill the daemon process.
>
> Unfortunatly this PID-file ist world-writeable (Mode 666, -rw-rw-rw). A
> malicious user can overwrite the file with arbitrary process ID's, these
> processes will be killed instead of the apcupsd process during restart or
> stop of the apcupsd daemon and during system shutdown or restart, the whole
> system can be crashed this way.
...
> User's who don't want to upgrade can add two lines to the "start" section in
> the apcupsd startup script in /etc/rc.d or /sbin/init.d :

why not just add umask 022?


---begin---

    start)
        umask 022
        rm -f /etc/apcupsd/powerfail
        rm -f /etc/nologin
        echo -n "Starting apcupsd power management"
        $APCUPSD || return=$rc_failed
        echo -e "$return"
    ;;

---end---

-Ron
> matze () joonix de