Bug 17758

Summary: Consider running sysklogd with lower privilege
Product: [Retired] Red Hat Linux Reporter: Chris Evans <chris>
Component: sysklogdAssignee: Bill Nottingham <notting>
Status: CLOSED DUPLICATE QA Contact:
Severity: medium Docs Contact:
Priority: low    
Version: 7.1CC: dr, notting, rvokal
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2000-09-20 23:22:59 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Chris Evans 2000-09-20 23:22:57 UTC 
Hi,

Well this is quite relevant after the recent klogd security hole.

If you think about it, syslogd and klogd are doing little more than writing
to a bunch of files. There is little reason to require "root" for this.

I'm not the first person to realize this. Here are some links to two
patches to run syslogd and
klogd with lower privilege. These links were both provided during very
recent discussion on
the security-audit list.

http://www.engin.umich.edu/caen/systems/Linux/code/patches/sysklogd-1.3-security.patch

ftp://ftp.openwall.com/pvt/sysklogd-1.3-31-owl-klogd-drop-root.diff.gz

Please consider for RH7.1 inclusion. Hopefully, we can head towards the
situation where
anything running in a default config, has been patched to run with
genuinely minimal
privilege.

Cheers
Chris
Comment 1 Bill Nottingham 2000-11-13 20:23:09 UTC 

*** This bug has been marked as a duplicate of 17682 ***