Project

General

Profile

Actions

Bug #1335

closed

suricata option --pidfile overwrites any file

Added by Laura Brodie about 10 years ago. Updated almost 8 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Target version:
Affected Versions:
Effort:
Difficulty:
Label:

Description

The suricata option --pidfile could overwrite any file either mistakenly or maliciously. These both overwrite the pre-existing file with suricata's pid.

sudo suricata -c /etc/suricata/suricata.yaml -i eth0 --pidfile a_file_i_needed_to_keep.txt
sudo suricata -c /etc/suricata/suricata.yaml -i eth0 --pidfile ../../bin/gunzip

I was afraid to try this one - who know what would happen:

sudo suricata -c /etc/suricata/suricata.yaml -i eth0 --pidfile ../../run/samba/samba.pid

or

nmbd.pd, smbd.pid, winbindd.pid
Actions

Also available in: Atom PDF