On Wednesday 06 July 2005 05:05, Ian Eure <firstname.lastname@example.org> wrote:
> It's used by syslogd. Not 100% sure on this, but I believe it's how
> user-space apps send messages to syslog (e.g. with syslog(3)). If that's
> the case, it would need to be mode 666 for syslog(3) to work.

It doesn't have to be mode 0666; it just needs to be writable by every program
that you want to log via syslog. As there are many daemons which run as
non-root (most daemons should not have root privs) and there is no group for
daemons to allow such access, it's almost required to grant every process
access to /dev/log.

If you want restricted access to /dev/log then you need something more capable
than regular Unix access control. POSIX ACLs could do the job, but you would
have to patch the syslogd to set the ACLs every time it starts up. If you
run SE Linux then /dev/log access is controlled and you can determine which
programs get access to it.

http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
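
An added example, not part of the original message: a Python sketch of the regular owner/group/other check that decides which accounts can write to a syslog socket, run against a constructed stand-in socket rather than the real /dev/log. The function names and sample accounts are assumptions for illustration; POSIX ACLs and SE Linux policy are not evaluated.

```python
import os
import socket
import stat
import tempfile

def may_write(st, uid, gids):
    """Regular Unix check (no ACLs, no SE Linux): the first matching class decides."""
    mode = stat.S_IMODE(st.st_mode)
    if uid == 0:                          # root bypasses the mode bits
        return True
    if uid == st.st_uid:
        return bool(mode & stat.S_IWUSR)
    if st.st_gid in gids:
        return bool(mode & stat.S_IWGRP)
    return bool(mode & stat.S_IWOTH)

def audit_log_socket(path, daemons):
    """Map each daemon name to whether it could send to the socket at `path`.

    daemons: {name: (uid, set_of_gids)}
    """
    st = os.stat(path)
    if not stat.S_ISSOCK(st.st_mode):
        raise ValueError(f"{path} is not a socket")
    return {name: may_write(st, uid, gids) for name, (uid, gids) in daemons.items()}

def make_sample_socket(mode):
    """Constructed stand-in for /dev/log: a datagram socket in a temp dir."""
    path = os.path.join(tempfile.mkdtemp(), "log")
    sock = socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM)
    sock.bind(path)
    os.chmod(path, mode)                  # set the mode explicitly, ignoring umask
    return sock, path

def sample_daemons(path):
    """Constructed accounts: one sharing the socket's group, one unrelated."""
    st = os.stat(path)
    return {
        "in_group": (st.st_uid + 1, {st.st_gid}),
        "unrelated": (st.st_uid + 1, {st.st_gid + 1}),
    }

if __name__ == "__main__":
    for mode in (0o666, 0o660):
        sock, path = make_sample_socket(mode)
        print(oct(mode), audit_log_socket(path, sample_daemons(path)))
        sock.close()
```

With mode 0660 only accounts that share the socket's group can log, which is why the lack of a common daemon group pushes the socket toward being world-writable.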