On Wednesday 06 July 2005 05:05, Ian Eure <[EMAIL PROTECTED]> wrote: > It's used by syslogd. Not 100% sure on this, but I believe it's how > user-space apps send messages to syslog (e.g. with syslog(3)). If that's > the case, it would need to be mode 666 for syslog(3) to work.
It doesn't have to be mode 0666, it just needs to be writable by every program that you want to log via syslog. As there are many daemons which run as non-root (most daemons should not have root privs) and there is no group for daemons to allow such access it's almost required to grant every process access to /dev/log. If you want restricted access to /dev/log then you need something more capable than regular Unix access control. POSIX ACLs could do the job, but you would have to patch the syslogd to set the ACLs every time it starts up. If you run SE Linux then /dev/log access is controlled and you can determine which programs get access to it. -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
