cvs commit: src/lib/libutil pidfile.3

Robert Watson rwatson at
Mon Sep 19 03:48:43 PDT 2005

On Mon, 19 Sep 2005, Jeremie Le Hen wrote:

>>>  FreeBSD src repository
>>>  Modified files:
>>>    lib/libutil          pidfile.3
>>>  Log:
>>>  Pidfiles should be created with permission preventing users from opening
>>>  them for reading. When user can open file for reading, he can also
>>>  flock(2) it, which can lead to confusions.
>> This means that a monitoring tool would need to run with elevated 
>> privileges to determine the PID of the process to monitor, correct?
> I can't see what's the problem with disclosing daemons' PID to all 
> users, given they won't be able to signal it or such anyway.

The problem isn't with revealing the pid, it's with allowing arbitrary 
access to the pidfile.  Specifically, a malicious reader can open the file 
and acquire a lock on it, preventing the program or monitoring tools from 
acquiring a lock, which they try to do unconditionally as part of their 
activities.  This is a hard-to-address issue, since sometimes you want 
locking to span users, and sometimes you don't.  The only preventative 
measure, should one care enough, is to prevent untrusted parties from 
being able to open the file.

Robert N M Watson
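
The locking behaviour described in the message above, as an added example that is not part of the original thread or of libutil: a descriptor opened read-only can hold an exclusive flock(2) that makes the owner's non-blocking lock attempt fail, and a small audit check flags pidfiles that anyone other than the owner can open. The function names, the scratch path under /tmp and the reading of "untrusted parties" as everyone but the file owner are assumptions made for the example.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/file.h>
#include <sys/stat.h>
#include <unistd.h>

/* Create a scratch pidfile with the given mode (constructed temp path). */
static int make_pidfile(char *path, mode_t mode) {
    char buf[32];
    int fd = mkstemp(path);                 /* mkstemp creates it 0600 */
    if (fd < 0) return -1;
    int n = snprintf(buf, sizeof buf, "%ld\n", (long)getpid());
    if (fchmod(fd, mode) != 0 || write(fd, buf, (size_t)n) != n) {
        close(fd); unlink(path); return -1;
    }
    return fd;
}

/* Returns 1 if a lock taken through an O_RDONLY descriptor makes the
 * owner's LOCK_EX|LOCK_NB attempt fail with EWOULDBLOCK, 0 if not. */
int reader_lock_blocks_owner(void) {
    char path[] = "/tmp/pidfile_demo.XXXXXX";
    int blocked = 0;
    int owner = make_pidfile(path, 0644);   /* world-readable: the weak case */
    if (owner < 0) return -1;
    int reader = open(path, O_RDONLY);      /* read access is all flock needs */
    if (reader >= 0 && flock(reader, LOCK_EX) == 0 &&
        flock(owner, LOCK_EX | LOCK_NB) == -1 && errno == EWOULDBLOCK)
        blocked = 1;
    if (reader >= 0) close(reader);
    close(owner);
    unlink(path);
    return blocked;
}

/* Audit check: 1 if no group/other permission bits are set (only the
 * owner can open the file), 0 if others can, -1 if stat(2) fails. */
int pidfile_mode_is_private(const char *path) {
    struct stat st;
    if (stat(path, &st) != 0) return -1;
    return (st.st_mode & (S_IRWXG | S_IRWXO)) == 0;
}

int main(void) {
    printf("read-only lock blocks owner: %d\n", reader_lock_blocks_owner());
    return 0;
}
```

The demonstration uses two descriptors in one process, which conflict under flock(2) the same way descriptors in two different processes do.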
