On 2013/12/19 00:39, Jérémie Courrèges-Anglas wrote: > > The current consumers of this module in ports don't specify the pid_file > parameter. Still, a future port could. This is CVE-2013-7135 btw. > > ok?
Yes. > http://bugs.debian.org/732283 "The PID is secret and must be protected with mask 066"?!