Files
yubiuser 6536754ab9 Hardcode PID file location to /run/pihole-FTL.pid
The PID file path was previously user-configurable via files.pid in
pihole.toml. Service hook scripts executed as root read this value
without validation and used it in privileged file operations, enabling
local privilege escalation by a pihole user with direct write access
to pihole.toml.

Remove files.pid from the config system entirely and replace all
usages with the compile-time constant FTL_PID_FILE ("/run/pihole-FTL.pid")
defined in config.h. The PID file path has no good reason to be
user-configurable.

See: GHSA-6w8x-p785-6pm4

Signed-off-by: yubiuser <github@yubiuser.dev>
2026-04-24 21:15:37 +01:00
..
2025-12-14 19:08:55 +01:00
2023-12-09 20:23:29 +01:00