Subject: Re: CVS commit: pkgsrc/devel/distcc/files
To: Juan Romero Pardines <xtraeme@netbsd.org>
From: Jeremy C. Reed <reed@reedmedia.net>
List: pkgsrc-changes
Date: 11/15/2004 10:11:36
On Mon, 15 Nov 2004, Juan Romero Pardines wrote:
> Use /tmp as directory for $pidfile, because the nobody user cannot write
> in /var/run!
! pidfile="/tmp/${name}.pid"
! command_args="--daemon --pid-file ${pidfile} --user nobody"
This does not look safe.
I don't know if distccd is smart enough to generate the pid file safely,
but please verify that. (We wouldn't want it to overwrite someone's
important file because of some malicious pre-made symlink.)
Jeremy C. Reed
BSD News, BSD tutorials, BSD links
http://www.bsdnewsletter.com/