sysklogd priv seperation

Robert Connolly robert at linuxfromscratch.org
Sun Jan 23 09:30:34 PST 2005


Hello. I want some options about something. With sysklogd's privilege 
separation patches... when the server is started the files are opened as 
root, if the daemon gets a SIGHUP (reload) then the syslog user will reopen 
the files. So unless the syslog user has write permission to the logs we 
can't reload syslogd. At first I thought this was fine, just use restart 
instead. But now I don't think there's a security problem with letting the 
syslog user own the logs. Under normal circumstances that user can write to 
the logs anyway.

So, would it be alright if the syslog user has write permission to the logs so 
SIGHUP can work properly? If so, should it be:

chown syslog /var/log
or
chgrp syslog /var/log && chmod g+w /var/log

It needs write permission to the whole directory because it will compress logs 
when they're rotated, creating new files. Either of these will let the syslog 
user do anything it wants with the logs, unless something is read-only by 
root. We can adjust the file creation mode by syslogd too.

robert



More information about the hlfs-dev mailing list