diff options
Diffstat (limited to 'start-stop-daemon.8')
-rw-r--r-- | start-stop-daemon.8 | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/start-stop-daemon.8 b/start-stop-daemon.8 index 4723596..b6513ce 100644 --- a/start-stop-daemon.8 +++ b/start-stop-daemon.8 @@ -122,11 +122,14 @@ Note: using this matching option alone might cause unintended processes to be acted on, if the old process terminated without being able to remove the \fIpid-file\fP. .IP -\fBWarning:\fP Using this match option alone with a daemon that writes the -pidfile as an unprivileged user is a security risk, because if the daemon -gets compromised the contents of the pidfile cannot be trusted, and then +\fBWarning:\fP using this match option with a world-writable pidfile or using +it alone with a daemon that writes the pidfile as an unprivileged (non-root) +user will be refused with an error (since version 1.19.3) as this is a +security risk, because either any user can write to it, or if the daemon +gets compromised, the contents of the pidfile cannot be trusted, and then a privileged runner (such as an init script executed as root) would end up acting on any system process. +Using \fI/dev/null\fP is excempt from these checks. .TP .BR \-x ", " \-\-exec " \fIexecutable\fP" Check for processes that are instances of this \fIexecutable\fP. The |