• Openconnect, solution for pidfile-bug

    From Markus Robert Kessler@2:250/1 to All on Mon Oct 2 19:09:39 2023
    Hi all,

    in the meantime I had a closer look at the sources.

    I saw that in main.c within the archive the original authors just try to
    open the desired pidfile given by options, only tested for write(!)
    access.

    That's not a proper solution.

    I tested with inserting some more lines, which first test if the desired filename exists, and if so, the program terminates with error, instead of damaging existing files. This approach seems similar to other distros' solution.

    This could be taken as a starting point for a bug report -- if someone
    wants to write one. And, if helpful, I could provide this as a patch.

    Best regards,

    Markus


    --
    Please reply to group only.
    For private email please use http://www.dipl-ing-kessler.de/email.htm

    --- MBSE BBS v1.0.8.4 (Linux-x86_64)
    * Origin: A noiseless patient Spider (2:250/1@fidonet)
  • From Markus Robert Kessler@2:250/1 to All on Wed Oct 4 17:39:26 2023
    On Mon, 2 Oct 2023 18:09:39 -0000 (UTC) Markus Robert Kessler wrote:

    Hi all,

    in the meantime I had a closer look at the sources.

    I saw that in main.c within the archive the original authors just try
    to open the desired pidfile given by options, only tested for write(!) access.

    That's not a proper solution.

    I tested with inserting some more lines, which first test if the
    desired filename exists, and if so, the program terminates with error, instead of damaging existing files. This approach seems similar to other distros' solution.

    This could be taken as a starting point for a bug report -- if someone
    wants to write one. And, if helpful, I could provide this as a patch.

    I made the necessary changes, derived a patch from that, inserted and registered it in the source rpm, installed the binary rpm and tested it:

    https://www.dipl-ing-kessler.de/developer/test/linux-src/mageia9/openconnect/


    Now, openconnect behaves as needed, so, if, for instance you (or your
    kids) invoke it by accident like

    sudo openconnect -b --pid-file=/etc/shadow [...]

    then there will be no damage done to your system.
    Instead it will be handled like that:

    Pid-file: '/etc/shadow' already exists. Exiting.


    If someone wants to file a bug report, feel free to give them the
    above-mentioned source rpm.

    Best regards,

    Markus


    --
    Please reply to group only.
    For private email please use http://www.dipl-ing-kessler.de/email.htm

    --- MBSE BBS v1.0.8.4 (Linux-x86_64)
    * Origin: A noiseless patient Spider (2:250/1@fidonet)
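
The behaviour described in the thread (refuse to touch a pid file that already exists), as an added example that is not the poster's patch and not openconnect's own code. It uses open() with O_CREAT | O_EXCL so that the existence test and the creation are one atomic step; the helper name write_pidfile is hypothetical, and the error text is copied from the output quoted above.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper: create `path` and write `pid` into it.
 * Returns 0 on success, -1 if the file exists or cannot be created.
 * With O_CREAT | O_EXCL the kernel fails with EEXIST when the name is
 * already present, including when it is a symlink, so an existing file
 * is never opened or truncated, even when running as root. */
int write_pidfile(const char *path, pid_t pid)
{
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL, 0644);
    if (fd < 0) {
        if (errno == EEXIST)
            fprintf(stderr, "Pid-file: '%s' already exists. Exiting.\n", path);
        else
            fprintf(stderr, "Pid-file: '%s': %s\n", path, strerror(errno));
        return -1;
    }

    char buf[32];
    int len = snprintf(buf, sizeof(buf), "%ld\n", (long)pid);
    if (write(fd, buf, (size_t)len) != len) {
        close(fd);
        unlink(path);   /* this call created the file, so removing it is safe */
        return -1;
    }
    return close(fd);
}

int main(int argc, char **argv)
{
    if (argc != 2) {
        fprintf(stderr, "usage: %s PIDFILE\n", argv[0]);
        return 2;
    }
    return write_pidfile(argv[1], getpid()) == 0 ? 0 : 1;
}
```

A separate "does it exist?" test followed by a normal open leaves a window in which the file can appear between the two calls; the single exclusive open has no such window.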