https://bugzilla.novell.com/show_bug.cgi?id=714632
https://bugzilla.novell.com/show_bug.cgi?id=714632#c2
--- Comment #2 from Ludwig Nussel 2011-08-30 13:44:58 CEST ---
That's not quite as intended. The script must not use /var/lock/subsys at all.
The theoretical attack is that an attacker that gains access to the lock group
could put arbitrary things in /var/lock, e.g. stale symlinks pointing to
somewhere. Your init script would follow such a link and touch a file in an
arbitrary place.
E.g.
ln -s /etc/nologin /var/lock/subsys/hpi
would result in no user being able to log in anymore if the script was run.
The likelihood and impact of such an attack is low of course but if the script
is fixed in that regard it should fixed correctly :-)
--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.