Gvmd creates a pidfile not owned by root

Good morning,
I am trying to fix the OpenRC init scripts for Gentoo and now I have a problem with gvmd: the pidfile.

gvmd needs to run as the user who has privileges on the gvmd database (in our configuration this user is gvm, and it is the only user in the gvm group).

When stopping a daemon, OpenRC works sending a kill signal as root to the process indicated in the pid file. For security reasons, this means that the pidfile of a process has to be owned by root and live in a directory owned by root. The security issue is better described here https://github.com/OpenRC/openrc/blob/master/service-script-guide.md#pid-files-should-be-writable-only-by-root

gsad seems to have a different behaviour forking after the pid file has been created (as root) by using --drop-privileges.

I think the same behaviour (–drop-privileges feature) should be implemented on gvmd.

This should avoid that an attack on any application of the GVM suite (running as the gvm user) could become a security hole, letting the gvm user to write a gvmd.pid file with the content of another process and allowing to kill a root process when OpenRC tries to stop the gvmd daemon.

1 Like

This could be raised as a ticket / new issue here:


I just reported it here: Gvmd creates a pidfile not owned by root · Issue #2090 · greenbone/gvmd · GitHub