Gentoo Archives: gentoo-security

From: Serge Koksharov <gentoosiast@××××××.ru>
To: gentoo-security@l.g.o
Subject: [gentoo-security] Running app-admin/syslog-ng without root privileges
Date: Wed, 16 Nov 2005 09:52:41

I am trying to run syslog-ng v1.6.8 without root privileges, under
dedicated account. All goes fine, except messages from kernel buffer
/proc/kmsg. I'm not surprised, because /proc/kmsg have permission bits
set to 0400 and owner:group to root:root. As I know in good old
app-admin/sysklogd same goal accomplished by actually running two
processes: one which reads from /proc/kmsg under root privileges &
another one which reads from /dev/log and does everything else under
dedicated non-root account. May be we need to ask syslog-ng authors to
implement the same scheme as in sysklogd?

Thanks in advance.

gentoo-security@g.o mailing list


Subject Author
Re: [gentoo-security] Running app-admin/syslog-ng without root privileges Taka John Brunkhorst <antiwmac@×××××.com>