Message-ID: <19980811093333.A11944@fcc.net>
Date: Tue, 11 Aug 1998 09:33:33 -0400
From: Nathan Dorfman
To: freebsd-current@FreeBSD.ORG
Subject: syslogd modification

How about adding yet another -s option to syslogd? There is no reason
for a luser to be able to do something like

    logger -p auth.notice -t su BAD SU bob to root on /dev/ttyp3

On a machine with many users (such as a shell server), would it make
sense to keep all log sockets 0660 root/wheel? Something like:

--- syslogd.c Tue Aug 11 08:59:19 1998 +++ syslogd.c.orig Tue Aug 11 08:51:45 1998 
@@ -385,8 +385,7 @@ if (funix[i] < 0 || bind(funix[i], (struct sockaddr *)&sunx, SUN_LEN(&sunx)) < 0 || - chmod(funixn[i], SecureMode >= 2 ? 0660: 0666) < 0 || - chown(funixn[i], 0, 0) < 0) { + chmod(funixn[i], 0666) < 0) { (void) snprintf(line, sizeof line, "cannot create %s", funixn[i]); logerror(line);

This approach, as opposed to simply chmodding the file in /etc/rc, may
work better when you are using -l to create additional log sockets and
want them with these permissions too. With this patch, just run

    syslogd -ssl /tmp/foolog -l /tmp/barlog

If this is the Wrong Thing To Do (tm) can someone point out why?

--
Nathan Dorfman           | E-mail: nathan@fcc.net
Frontline Communications | Front desk: 914-623-8553
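
Review bot: The diff is generated in the reverse direction: the headers read "--- syslogd.c" / "+++ syslogd.c.orig", so the proposed "chmod(funixn[i], SecureMode >= 2 ? 0660: 0666)" and "chown(funixn[i], 0, 0)" lines show up as removals and the stock "chmod(funixn[i], 0666)" as the addition. Please regenerate it with the .orig file first so it applies without patch -R. In the proposed condition, chown(funixn[i], 0, 0) runs for every socket regardless of SecureMode, and a chmod or chown failure is reported through the same "cannot create %s" message as a failed bind; consider guarding the chown with the same SecureMode >= 2 test and logging which call failed. The mode is also set only after bind() returns, so the socket briefly exists with whatever permissions the umask produced. The new meaning of a second -s needs a syslogd(8) man page entry, including the consequence that with 0660 root/wheel any process outside root and wheel can no longer log through the socket.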