On Wed, Nov 11, 2009 at 12:42:05PM -0800, Liane Praza wrote:
> 4.11. Security Impact:
>
> The snmp-notify daemon starts and runs as uid 0 so that any log files
> it creates can be secured in the /var filesystem. However, during
> daemon initialization, it does reduce its privilege set to the
> minimum set.
>
> afsr# ppriv 103247
> 103247: /usr/lib/fm/notify/snmp-notify
> flags = PRIV_AWARE
> E: basic
> I: basic
> P: basic
> L: basic

But it will retain euid == 0, yes? Also, won't this mean that the daemon itself will not be able to rotate logs?

Nico