DoS bug in initscripts

Michael A. Peters mpeters at
Mon Apr 7 09:11:08 PDT 2003

loadproc in the functions script calls getpids()

        pidlist=$(pidof -o $$ -o $PPID -x $base)

If $1 isn't a full path then it can return a faulty PID, causing the
service not to start.

For example -

The init script is called gpm
The init script has:
 loadproc gpm -m $MDEVICE -t $PROTOCOL
in the start) case

loadproc() passes gpm to getpids() and since the script is called gpm -
it finds a PID and states that the service is already running, causing
the init to not properly start.

The daemons should be called by full path in the init scripts to avoid
this, and getpids() should check the full path of the binary in case
of a sloppily written init script.

This will avoid accidental or malicious DoS of init scripts.

If you include "which" with the basic LFS this can easily be achieved:

[root at 12-233-116-216 root]# which gpm
[root at 12-233-116-216 root]# which `which gpm`
[root at 12-233-116-216 root]#

Michael A. Peters <mpeters at>
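
The full-path check proposed above for getpids(), sketched as an added example that is not part of the original post or of the LFS functions script. It assumes a Linux /proc with per-PID exe links; pids_for_binary, PROC_ROOT and make_sample_proc are hypothetical names, and the PIDs and the /usr/sbin/gpm path are constructed sample values.

```shell
#!/bin/sh
# Added example, not the LFS functions script. pids_for_binary, PROC_ROOT and
# make_sample_proc are hypothetical names; the PIDs and paths are constructed.

PROC_ROOT=${PROC_ROOT:-/proc}

# pids_for_binary /full/path/to/daemon PID...
# Prints the candidate PIDs whose executable is exactly that path.
# Returns 1 if none match, 2 if the path is not absolute.
pids_for_binary() {
    want=$1
    shift
    case $want in
        /*) ;;
        *) echo "pids_for_binary: full path required: $want" >&2
           return 2 ;;
    esac
    matched=""
    for pid in "$@"; do
        # /proc/PID/exe names the program actually executing. For a running
        # init script that is the shell, not the script's own file name.
        exe=$(readlink "$PROC_ROOT/$pid/exe" 2>/dev/null) || continue
        exe=${exe%" (deleted)"}   # suffix Linux adds once the file is unlinked
        if [ "$exe" = "$want" ]; then
            matched="${matched:+$matched }$pid"
        fi
    done
    [ -n "$matched" ] || return 1
    echo "$matched"
}

# Constructed sample: a fake /proc tree so the check runs offline.
#   101 = an init script named "gpm" (executed by /bin/sh)
#   202 = the real daemon
make_sample_proc() {
    dir=$(mktemp -d)
    mkdir "$dir/101" "$dir/202"
    ln -s /bin/sh "$dir/101/exe"
    ln -s /usr/sbin/gpm "$dir/202/exe"
    echo "$dir"
}

# In getpids() the candidates would come from the existing pidof call, e.g.
#   pids_for_binary /usr/sbin/gpm $(pidof -o $$ -o $PPID -x gpm)
```

With only the script running (PID 101 in the sample), the function returns 1 and prints nothing, so the caller no longer concludes that the daemon is already up.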
