Subject: Re: /var/run/log
To: None <email@example.com>
From: Luke Mewburn <firstname.lastname@example.org>
Date: 02/12/2001 05:32:27
On Sun, Feb 11, 2001 at 11:09:22AM +0100, email@example.com wrote:
> why it have 666 permissions - it allows everybody to log anything and with
> -t option it could look like anything else (for eg. kernel messages)
How else do you allow arbitrary programs that don't run as root to log to
syslog unless it's world writable? Creating a special `syslog' group and
putting all the appropriate users in seems tedious to me.
As to your concerns about logging kernel messages as an ordinary user
(e.g, using logger(1) -t), I suggest you check syslog(3), because you'll
see the following comment:
LOG_KERN Messages generated by the kernel. These cannot be
generated by any user processes.
If you check usr.sbin/syslogd/syslogd.c::printline(), you'll see:
/* don't allow users to log kernel messages */
if (LOG_FAC(pri) == LOG_KERN)
pri = LOG_MAKEPRI(LOG_USER, LOG_PRI(pri));
Luke Mewburn <firstname.lastname@example.org> http://www.wasabisystems.com
Luke Mewburn <email@example.com> http://www.netbsd.org
Wasabi Systems - providing NetBSD sales, support and service.