Secure testing team - Jun 2011 - Bug#631912: pyro: pidfile in /tmp, opened insecurely

Package: pyro
Version: 3.9.1-1
Severity: grave
Tags: security
Justification: user security hole

class Daemonizer:
[...]
    def __init__(self, pidfile=None):
        if not pidfile:
            self.pidfile = "/tmp/%s.pid" %
self.__class__.__name__.lower()
        else:
            self.pidfile = pidfile
[...]
    def daemon_start(self, start_as_daemon=1):
        if start_as_daemon:
            self.become_daemon()
        if self.is_process_running():
            msg = "Unable to start server. Process is already
running."
            raise DaemonizerException(msg)
        f = open(self.pidfile, ''w'')
        f.write("%s" % os.getpid())
        f.close()
        self.main_loop()

and:

class NSD(Daemonizer):
    def __init__(self):
        Daemonizer.__init__(self)

    def main_loop(self):
        Pyro.naming.main(sys.argv[1:])

if __name__ == "__main__":
    NSD().process_command_line(sys.argv)

results in root opening /tmp/nsd.pid on startup.

Cheers,
Julien

-- System Information:
Debian Release: 6.0.2
  APT prefers stable
  APT policy: (500, ''stable'')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/8 CPU cores)
Locale: LANG=C, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages pyro depends on:
ii  python                  2.6.6-3+squeeze6 interactive high-level object-orie
ii  python-support          1.0.10           automated rebuilding support for P

pyro recommends no packages.

Versions of packages pyro suggests:
pn  pyro-doc                      <none>     (no description available)
pn  pyro-gui                      <none>     (no description available)

-- no debconf information