From c71407b5890e69c4a1adc0e0936f0d7e9cd24be4 Mon Sep 17 00:00:00 2001
From: pjd <pjd@FreeBSD.org>
Date: Fri, 16 Sep 2005 11:24:28 +0000
Subject: Pidfiles should be created with permission preventing users from
 opening them for reading. When user can open file for reading, he can also
 flock(2) it, which can lead to confusions.

Pointed out by:	green
---
 lib/libutil/pidfile.3 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'lib/libutil')

diff --git a/lib/libutil/pidfile.3 b/lib/libutil/pidfile.3
index 4ae7067..81ccab1 100644
--- a/lib/libutil/pidfile.3
+++ b/lib/libutil/pidfile.3
@@ -100,7 +100,7 @@ The following example shows in which order those functions should be used.
 struct pidfh *pfh;
 pid_t otherpid, childpid;
 
-pfh = pidfile_open("/var/run/daemon.pid", 0644, &otherpid);
+pfh = pidfile_open("/var/run/daemon.pid", 0600, &otherpid);
 if (pfh == NULL) {
 	if (errno == EEXIST)
 		errx(EXIT_FAILURE, "Daemon already running, pid: %d.", otherpid);
-- 
cgit v1.1