[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: /dev/log

On Wednesday 06 July 2005 05:05, Ian Eure <ieure@debian.org> wrote:
> It's used by syslogd. Not 100% sure on this, but I believe it's how
> user-space apps send messages to syslog (e.g. with syslog(3)). If that's
> the case, it would need to be mode 666 for syslog(3) to work.

It doesn't have to be mode 0666, it just needs to be writable by every program 
that you want to log via syslog.  As there are many daemons which run as 
non-root (most daemons should not have root privs) and there is no group for 
daemons to allow such access it's almost required to grant every process 
access to /dev/log.

If you want restricted access to /dev/log then you need something more capable 
than regular Unix access control.  POSIX ACLs could do the job, but you would 
have to patch the syslogd to set the ACLs every time it starts up.  If you 
run SE Linux then /dev/log access is controlled and you can determine which 
programs get access to it.

http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page

Reply to: