> -----Original Message----- > From: Petri Lehtinen [mailto:[email protected]] > Sent: Friday, April 08, 2011 9:23 AM > To: Rainer Gerhards > Cc: [email protected] > Subject: Re: rsyslog, fifos and SIGHUP > > Rainer Gerhards wrote: > > I guess that the files are pre-created with the wrong user permissions > > (who is the owner)? Usually, this happens if some external script creates > them. > > Ah true, the file owner was wrong. But did rsyslog open the fifo before > dropping privileges then, as it was able to write to it until it got HUPed?
Yes! The privilege drop code still needs a much better design. See here: http://wiki.rsyslog.com/index.php/Security#Dropping_Privileges I am not too happy with the way Ubuntu uses the capability. As they rely heavily on it, it would have been more appropriate from them to contribute a couple of patches to enhance that support. Rainer _______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com
