In some email I received from Chris Calabrese, sie wrote:
>
>
> Balazs Scheidler wrote:
>
> > What if syslog client processes should authenticate themselves before
> > allowed to send log messages. Authentication tokens could then be stored in
> > a local file with appropriate permissions, and the same /dev/log socket can
> > be used. (since each different facility (or facility set) would have
> > different authentication token)
>
> This seems more complex than having /dev/log/<facility> and offers no
> improvement in security that I can see.
I can definately see the benefits in supporting /dev/log/<facname> and
using group perms to control who can log to what, etc.
If you're going to do some sort of `local authentication', my advice would
be to at first support local identification (using credential passing) and
move on from there.
Darren
