| <Patch List> <Patch Directory> | ||||||||||||
Patch info for pid_bri
Author CommentsFirstly, this patch fixes a bug whereby a malicious user could create a symlink in the Stunnel pid directory pointing to a file that is writable by the user invoking Stunnel, thus truncating and overwriting the file. This could lead to data destruction. The second purpose of this patch is to allow you to specify where and if a pid file should be created. A new flag, '-P' is added to stunnel that works as follows: -P /path/to/pid/dir/ Create the pid file in the directory named. Note that you *MUST* specify a trailing slash for this method. -P /path/to/pid/file.pid Create the pid file with the filename specified (no trailing slash) -P none Don't create a pid file at all. Changes: stunnel will now require that it can create the pid file. If it cannot, it will stop. Thus users may need to start using the '-P none' option.
This website makes patches available for use by the Internet community. However it does not endorse any of the patches contained herein. They could be work perfectly, or totally foul up everything. We don't know. Contact the authors if you have any questions. Use at your own risk. The Stunnel software package does not contain any cryptography itself, however please remember that import and/or export of cryptographic software, code providing hooks to cryptographic algorithms, and discussion about cryptography is illegal in some countries. It is imperative for you to know your local laws governing cryptography. We're not liable for anything you do that violates your local laws.
|