On Fri, Jul 28, 2017 at 07:35:47PM +0000, michael@orlitzky.com wrote:
> The slapd daemon should create its PID file before dropping privileges. This represents a minor security issue; additional factors are needed to make it exploitable.
If I understood you correctly, "Additional factors are needed" basically means you have to find a code execution vulnerability in slapd? At that point I think you can do much more interesting things - pretending that your user is uid 0, or in various admin groups are only the first ideas that come to mind.
If you would like to propose a patch, we could review that. For myself I don't think I would attach a high priority to this.
Howard pointed out on IRC that if the directory containing the pid file is sticky, making it owned by root means slapd can no longer remove it on exit. I'm not sure how common that is but it's a setup that works right now.
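
The sticky-directory concern above can be checked on a given host before changing who owns the PID file. The following is an added example, not part of the original message or of OpenLDAP: it models the classic Unix unlink rules (no ACLs, capabilities or LSM policy), and the names `can_remove`, `demo` and the uid offset are hypothetical.

```python
import os
import stat
import tempfile

def _dir_writable(dir_st, uid, gids):
    """Classic owner/group/other check for write+search on a directory."""
    if uid == dir_st.st_uid:
        need = 0o300
    elif dir_st.st_gid in gids:
        need = 0o030
    else:
        need = 0o003
    return (dir_st.st_mode & need) == need

def can_remove(pidfile, uid, gids=()):
    """Would unlink(pidfile) succeed for uid? Ignores ACLs, capabilities, LSMs."""
    if uid == 0:
        return True  # simplification: root is assumed to bypass the checks below
    dir_st = os.stat(os.path.dirname(os.path.abspath(pidfile)))
    file_st = os.lstat(pidfile)
    if not _dir_writable(dir_st, uid, gids):
        return False
    if dir_st.st_mode & stat.S_ISVTX:
        # Sticky directory: only the file's owner or the directory's owner may unlink.
        return uid in (file_st.st_uid, dir_st.st_uid)
    return True

def demo():
    """Constructed case: PID file created by one user, daemon running as another uid."""
    creator = os.getuid()
    daemon_uid = creator + 12345  # hypothetical unprivileged uid, never 0
    results = {}
    with tempfile.TemporaryDirectory() as run_dir:
        pidfile = os.path.join(run_dir, "slapd.pid")  # constructed sample file
        with open(pidfile, "w") as f:
            f.write("12345\n")
        for label, mode in (("sticky", 0o1777), ("plain", 0o0777)):
            os.chmod(run_dir, mode)
            results[label] = (can_remove(pidfile, creator),
                              can_remove(pidfile, daemon_uid))
    return results

if __name__ == "__main__":
    print(demo())
```

In the sticky case the creating user can still remove the file while the other uid cannot, which is the cleanup failure described above.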