Date: Sat, 3 May 2008 19:51:06 +0400 From: Andrew Pantyukhin <infofarmer@FreeBSD.org> To: Wojciech Puchar <wojtek@wojtek.tensor.gdynia.pl> Cc: freebsd-questions@freebsd.org Subject: Re: logger blocking Message-ID: <20080503155104.GH92161@amilo.cenkes.org> In-Reply-To: <20080503111941.L10738@wojtek.tensor.gdynia.pl> References: <20080503111941.L10738@wojtek.tensor.gdynia.pl>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, May 03, 2008 at 11:21:16AM +0200, Wojciech Puchar wrote: > how to prevent logger working for non-root? > it allows any user log anything it likes. > > i can change permission for /var/run/syslogd.socket but many different > programs running as different users logs through this. Let's see what options we have... a) rm -rf /usr/bin/logger b) echo 'echo I am a bad boy;rm -rf $HOME' > /usr/bin/logger c) create group 'syslog' add good users to it chown :syslog /var/run/syslogd.socket chmod 660 /var/run/syslogd.socket
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080503155104.GH92161>