Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/app-admin/logsurfer+/logsurfer+-1.8-r3.ebuild
Commit message (Collapse)AuthorAgeFilesLines
* app-admin/logsurfer+: use HTTPS, fix SRC_URIMichael Mair-Keimberger2018-05-201-4/+3
| | | | Closes: https://github.com/gentoo/gentoo/pull/8490
* app-admin/logsurfer+: x86 stableAaron Bauman2017-09-021-1/+1
| | | | | Gentoo-bug: 628560 Package-Manager: Portage-2.3.8, Repoman-2.3.3
* app-admin/logsurfer+: amd64 stableAaron Bauman2017-09-021-1/+1
| | | | | Gentoo-bug: 628560 Package-Manager: Portage-2.3.8, Repoman-2.3.3
* app-admin/logsurfer+: new revision to prevent PID file manipulation.Michael Orlitzky2017-08-211-0/+40
Previous versions of the logsurfer init script used start-stop-daemon to run logsurfer as the "logsurfer" user, but let the daemon create its own PID file. As a result, the "logsurfer" user needed to be able to write to its PID file, and therein lies a minor security vulnerability: if the daemon is compromised, the "logsurfer" user can write an arbitrary PID into the file, later to be SIGKILLed by root when he attempts to stop the service. Since logsurfer cannot drop privileges on its own, the new init script fixes this by running it in the foreground, and letting OpenRC manage the PID file. Gentoo-Bug: 628560 Package-Manager: Portage-2.3.6, Repoman-2.3.1