On Sun, Aug 25, 2002 at 07:57:02PM +0200, Martin Schulze wrote:
> Matt Zimmerman wrote:
> > syslogd has no authentication. Anyone can send messages to it with any
> > content they like. If you wish to restrict access to syslog, the easiest
> > way is to set permissions on the /dev/log socket, and make sure that _every_
> > program which you want to be able to log to syslog has permissions on that
> > socket. But syslogd will always set the permissions to 0666 at startup, and
> > you will need to arrange to reset them after each startup.
>
> Even worse, syslogd only reads what is provided on /dev/log.
>
> The socket is world writable, glibc's syslog() function writes
> to it, from any program. Restricting its write access to root
> would effectively disable syslogging.

How so? Restricting its write access to root would still allow programs
running as root to use syslog. Making /dev/log group-writable and adding
users to a 'syslog' group would restrict syslog usage to those users.

-- 
 - mdz
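
The permission change discussed in this thread, as an added example (not code from either poster or from syslogd): it sets the socket to group-writable only and verifies that the 0666 default is gone, so it can be re-run after every syslogd start. The function names are hypothetical, the group defaults to the `syslog` group named in the reply, and GNU `stat` is assumed.

```shell
#!/bin/sh
# Added example: restrict write access to the syslog socket and verify it.
# Assumptions: GNU stat, a pre-existing group (default "syslog"), and that
# this is run as root after each syslogd start, because syslogd recreates
# the socket with mode 0666.

# Print "<octal mode> <group>" for a path, e.g. "660 syslog".
socket_perms() {
    stat -c '%a %G' "$1"
}

# Return 0 if "other" has write permission on the path (the 0666 default).
is_world_writable() {
    mode=$(stat -c '%a' "$1") || return 2
    other=$(( mode % 10 ))          # last octal digit = permissions for "other"
    [ $(( other & 2 )) -ne 0 ]      # bit 2 = write
}

# Make the socket writable by its owner and one group only, then re-check.
restrict_log_socket() {
    sock=$1
    group=${2:-syslog}
    chgrp "$group" "$sock" || return 1
    chmod 0660 "$sock" || return 1
    if is_world_writable "$sock"; then
        echo "still world-writable: $sock" >&2
        return 1
    fi
    socket_perms "$sock"
}

# When given a socket path (and optionally a group), apply the restriction,
# e.g.:  restrict-log.sh /dev/log syslog
if [ "$#" -gt 0 ]; then
    restrict_log_socket "$@"
fi
```

Every daemon that must keep logging has to run as root or as a member of that group, otherwise its syslog() calls fail to reach the socket.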

