Permalink
Browse files

configure.ac: use /run/nagios.lock as the default lockfile path.

The previous default path for the lockfile was located in
$localstatedir, which is generally writable by the nagios user. That
presents a security risk, since the nagios user can delete the
lockfile and replace it with another file containing the PID of a
root-owned process. This commit changes the default lockfile path to
/run/nagios.lock, and completes the fix for Github issue #404.
  • Loading branch information...
orlitzky committed Aug 4, 2017
1 parent 9f5e955 commit 3baffa78bafebbbdf9f448890ba5a952ea2d73cb
Showing with 2 additions and 2 deletions.
  1. +2 −2 configure.ac
View
@@ -267,9 +267,9 @@ AC_SUBST(init_dir)
dnl User can override lock file location
AC_ARG_WITH(lockfile,
AC_HELP_STRING([--with-lockfile=<path>],
[sets path and file name for lock file]),
[sets path for lock file (default: /run/nagios.lock)]),
lockfile=$withval,
lockfile=$localstatedir/nagios.lock
lockfile=/run/nagios.lock
)
AC_SUBST(lockfile)

0 comments on commit 3baffa7

Please sign in to comment.