reassign 158090 sysklogd thanks At Sun, 25 Aug 2002 15:15:08 -0400, Joey Hess wrote: > syslogd could use getsockopt(SO_PEERCRED) to get a ucred structure and > work out the user who has opened /dev/log and include that info in the > log somewhere. This would require no special glibc support. If you want > generic code to do that on a unix socket (works on linux, and probably > freebsd, and possibly other bsd's), I can provide it. Where in the log > to put this information without changing the format and breaking a lot of > stuff, I do not know.
Correct. Looking throughout this bug, there may be two fixes: (1) control /dev/log permission (2) use getsockopt to check the peer credential. However, I wonder the current behavior causes any problems - no one has actually troubles. Even if /var/log/* has an entry with <pid> or process title, it may be faked (in addition, syslogd format is defined, so it's standard violation). I suspect authentication is actually needed. I reassign it to sysklogd rathar than closing it because (1) there's no fault around this report (2) sysklogd can have credential check code (3) glibc cannot contribute to improve this kind of area. Credential check may become interesting sysklogd feature for nervous administrator. In future POSIX may have more informative and more powerful syslog facility. However it's another issue, if you want to discuss about new syslog, please discuss at austin group. Sysklogd maintainer, I leave this report into your hands to close or implement this report. Regards, -- gotom -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
