The daemon() function in /etc/rc.d/init.d/functions will not start a
service if there is an existing process with the same name, because
pidofproc() finds it. For instance, a user of my system runs a custom
httpd process, completely independent of the installed Apache server. If I
issue the command "/etc/rc.d/init.d/httpd restart", it will fail, without
giving any indication that there was a problem.

This is a possible Denial of Service attack. An unprivileged user can
interfere with the operation of any system services managed through
initscripts that use the daemon() function.

Suggested fix: add an argument to daemon() and pidofproc() for the
expected UID of the process, perhaps defaulting to root. Or, by default
allow it to match only UIDs under 100.
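
A sketch of the UID-aware lookup suggested in the report above, as an added example that is not part of the original report and not code from initscripts. The names pidof_by_uid and PROC_ROOT are hypothetical; the function reads the Name: and Uid: lines of /proc/<pid>/status and assumes a Linux-style /proc.

```shell
# Added example: UID-aware process lookup (hypothetical helper, not initscripts code).
# PROC_ROOT is an assumed override so the function can be pointed at a test tree.
PROC_ROOT="${PROC_ROOT:-/proc}"

# pidof_by_uid NAME [UID]
# Prints the PIDs whose command name is NAME and whose real UID is UID
# (default 0, i.e. root). Returns 1 when no such process exists, so a
# same-named process owned by another user does not count as "running".
pidof_by_uid() {
    name=$1
    want_uid=${2:-0}
    pids=""
    for status in "$PROC_ROOT"/[0-9]*/status; do
        # Processes can exit while we iterate; skip entries that vanished.
        [ -r "$status" ] || continue
        # "Name:" holds the command name (the kernel truncates it to 15 chars).
        pname=$(awk '$1 == "Name:" { print $2; exit }' "$status" 2>/dev/null)
        # "Uid:" lists real, effective, saved and fs UIDs; field 2 is the real UID.
        puid=$(awk '$1 == "Uid:" { print $2; exit }' "$status" 2>/dev/null)
        [ "$pname" = "$name" ] || continue
        [ "$puid" = "$want_uid" ] || continue
        pid=${status%/status}
        pid=${pid##*/}
        pids="${pids:+$pids }$pid"
    done
    [ -n "$pids" ] || return 1
    echo "$pids"
}

# How a start routine could use it:
#   pidof_by_uid httpd 0 >/dev/null || echo "no root-owned httpd, safe to start"
```
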
*** Bug 20697 has been marked as a duplicate of this bug. ***
For the example where this affects the Apache web server (httpd), it's not as
trivial to work around as one might expect. The httpd script does a bunch of
work to determine the right arguments to pass to httpd, so I can't just type
"httpd" to start it up properly.
*** Bug 19887 has been marked as a duplicate of this bug. ***
*** Bug 19367 has been marked as a duplicate of this bug. ***
Just tracking the UID is not good enough to solve the problem with sendmail.
Please see my report under 19367.
At the moment I've duplicated the functions file and edited it to suit my needs,
then linked it into my sendmail script. Not the greatest solution, but at
least now I can restart sendmail.
*** This bug has been marked as a duplicate of 17244 ***