Re: Re : [gentoo-security] Running app-admin/syslog-ng without rootprivileges - Miguel Figueiredo Mascarenhas Sousa Filipe

public inbox for gentoo-security@lists.gentoo.org
 help / color / mirror / Atom feed

From: "Miguel Figueiredo Mascarenhas Sousa Filipe" <miguel.filipe@gmail.com>
To: gentoo-security@lists.gentoo.org
Subject: Re: Re : [gentoo-security] Running app-admin/syslog-ng without rootprivileges
Date: Mon, 9 Oct 2006 14:02:39 +0100	[thread overview]
Message-ID: <f058a9c30610090602k7ffdbc74taec263fdebbe83cf@mail.gmail.com> (raw)
In-Reply-To: <1132143201.22200.174.camel@puddle-jumper.>

On 11/16/05, Brad Plant <bplant@westnet.com.au> wrote:
> On Wed, 2005-11-16 at 12:54 +0100, varagnat@bertin.fr wrote:
> > > dedicated non-root account. May be we need to ask syslog-ng authors to
> > > implement the same scheme as in sysklogd?
> >
> > Or syslog-ng could have root permissions just for opening /proc/kmsg and then leave its rights when switching to normal user. But by saying that I make some assumptions on how /proc/kmsg works and how it must be used.
>
> I ran syslog-ng as a non-root user once before, but now I run it as
> root. From what I can remember, syslog-ng opened /proc/kmsg before
> dropping privileges, however when you sent the HUP signal (i.e. after
> running logrotate) it closed all the files and reopened them again.
> Because it no longer had root permissions, it couldn't
> reopen /proc/kmsg.

the workaround is to "lseek(0)" instead of closing and open
/proc/kmsg, but doing a lseek in a virtual file li /proc/kmsg is weird
and I don't know it's implications..
Other way, is to simply skip the reopen of /proc/kmsg.

>
> If /proc/kmsg was group readable and the group was set to a special
> logger group, then I don't see why syslog-ng couldn't be run as a
> non-root user.

that means patching the kernel...
I guess it's better to patch on userland, and leave the kernel to
kernel hackers...
Also, it's cleaner to make the app secure within itselft, instead of
relying on the OS to change the permission and group of /proc/kmsg..

>
> Cheers,
>
> Brad
>
> --
> gentoo-security@gentoo.org mailing list
>
>

Best regards,

-- 
Miguel Sousa Filipe
-- 
gentoo-security@gentoo.org mailing list

     prev parent reply	other threads:[~2006-10-09 13:11 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2005-11-16 11:54 Re : [gentoo-security] Running app-admin/syslog-ng without rootprivileges varagnat
2005-11-16 12:13 ` Brad Plant
2005-11-17 13:50   ` Jerome Poggi
2006-10-09 13:02   ` Miguel Figueiredo Mascarenhas Sousa Filipe [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=f058a9c30610090602k7ffdbc74taec263fdebbe83cf@mail.gmail.com \
    --to=miguel.filipe@gmail.com \
    --cc=gentoo-security@lists.gentoo.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox