From owner-freebsd-current@FreeBSD.ORG Wed Apr 16 13:19:13 2008 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8AE441065673 for ; Wed, 16 Apr 2008 13:19:13 +0000 (UTC) (envelope-from kostikbel@gmail.com) Received: from relay01.kiev.sovam.com (relay01.kiev.sovam.com [62.64.120.200]) by mx1.freebsd.org (Postfix) with ESMTP id 2CD7A8FC1F for ; Wed, 16 Apr 2008 13:19:13 +0000 (UTC) (envelope-from kostikbel@gmail.com) Received: from [212.82.216.226] (helo=skuns.kiev.zoral.com.ua) by relay01.kiev.sovam.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.67) (envelope-from ) id 1Jm7Xa-000HGd-II for freebsd-current@freebsd.org; Wed, 16 Apr 2008 16:19:11 +0300 Received: from deviant.kiev.zoral.com.ua (root@deviant.kiev.zoral.com.ua [10.1.1.148]) by skuns.kiev.zoral.com.ua (8.14.2/8.14.2) with ESMTP id m3GDJBBj093955 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 16 Apr 2008 16:19:11 +0300 (EEST) (envelope-from kostikbel@gmail.com) Received: from deviant.kiev.zoral.com.ua (kostik@localhost [127.0.0.1]) by deviant.kiev.zoral.com.ua (8.14.2/8.14.2) with ESMTP id m3GDJ3SA037927; Wed, 16 Apr 2008 16:19:03 +0300 (EEST) (envelope-from kostikbel@gmail.com) Received: (from kostik@localhost) by deviant.kiev.zoral.com.ua (8.14.2/8.14.2/Submit) id m3GDJ3dS037909; Wed, 16 Apr 2008 16:19:03 +0300 (EEST) (envelope-from kostikbel@gmail.com) X-Authentication-Warning: deviant.kiev.zoral.com.ua: kostik set sender to kostikbel@gmail.com using -f Date: Wed, 16 Apr 2008 16:19:03 +0300 From: Kostik Belousov To: Jille Message-ID: <20080416131902.GU18958@deviant.kiev.zoral.com.ua> References: <4805FB23.4030600@quis.cx> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="juwRYO7N74otsfNI" Content-Disposition: inline In-Reply-To: <4805FB23.4030600@quis.cx> User-Agent: Mutt/1.4.2.3i X-Virus-Scanned: ClamAV version 0.91.2, clamav-milter version 0.91.2 on skuns.kiev.zoral.com.ua X-Virus-Status: Clean X-Spam-Status: No, score=-4.4 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00 autolearn=ham version=3.2.4 X-Spam-Checker-Version: SpamAssassin 3.2.4 (2008-01-01) on skuns.kiev.zoral.com.ua X-Scanner-Signature: 8fcfa5a562f326ba64a474cd1db6e25e X-DrWeb-checked: yes X-SpamTest-Envelope-From: kostikbel@gmail.com X-SpamTest-Group-ID: 00000000 X-SpamTest-Info: Profiles 2641 [Apr 16 2008] X-SpamTest-Info: helo_type=3 X-SpamTest-Info: {received from trusted relay: not dialup} X-SpamTest-Method: none X-SpamTest-Method: Local Lists X-SpamTest-Rate: 0 X-SpamTest-Status: Not detected X-SpamTest-Status-Extended: not_detected X-SpamTest-Version: SMTP-Filter Version 3.0.0 [0255], KAS30/Release Cc: freebsd-current@freebsd.org Subject: Re: chmod of some pidfiles X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Apr 2008 13:19:13 -0000 --juwRYO7N74otsfNI Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Apr 16, 2008 at 03:12:03PM +0200, Jille wrote: > Hello, >=20 > Today I found out some pidfiles of 'system daemons', have a 'weird' chmod. >=20 > [quis@istud ~]$ ls -l /var/run/cron.pid > -rw------- 1 root wheel 4 Mar 1 19:25 /var/run/cron.pid >=20 > Can somebody tell me why it is 0600 ? > I don't think it will harm if it is 0644 ? >=20 > I think this is only useful if the security.bsd.see_other_uids sysctl is= =20 > set to 0. They are 0600 so that the advisory locking works reliably on them. More details: the daemons flock() the pidfile to indicate that it is alive. Any other process may lock the file that can be opened for reading. Having more permissive mode would allow anybody to lock the pidfile, falsely indicating that the daemon is still alive, while it in fact died. --juwRYO7N74otsfNI Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (FreeBSD) iEYEARECAAYFAkgF/MYACgkQC3+MBN1Mb4gEegCgl9sW/UZzq7h+fzCWdraoZ1Ua OJEAoPe7oPWvj9UhavwwknRsmRKL4vUH =ZXfD -----END PGP SIGNATURE----- --juwRYO7N74otsfNI--