Package: klogd Version: 1.4.1-18 Severity: wishlist Hi,
Ubuntu's klogd has a -P option that does this: -P path Use path instead of /proc/kmsg as the source of the kernel message. Specify "-" to read from standard input. This allows klogd to run entirely without root privileges. The idea then is to use a dd process to shovel messages from /proc/kmsg into a fifo for klogd to read. The security benefits, while admittedly somewhat far-fetched, should be obvious (an attacker can theoretically exercise some control over the messages the kernel logs, so a bug in klogd could conceivably be exploited in this manner). Additionally, this seems to work around a problem where klogd used to "garble" kernel messages when they were arriving at a high rate (this isn't easy to describe and probably impossible to reproduce on purpose: it's as if some lines were logged incompletely, or fragments of other lines inserted). Since Ubuntu obviously has a patch for -P, it shouldn't be hard to include it in Debian's klogd too. Andras -- Andras Korn <korn at chardonnay.math.bme.hu> <http://chardonnay.math.bme.hu/~korn/> QOTD: Energizer Bunny arrested. Charged with battery. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]