Bug 17758 - Consider running sysklogd with lower privilege
Consider running sysklogd with lower privilege
Status: CLOSED DUPLICATE of bug 17682
Product: Red Hat Linux
Classification: Retired
Component: sysklogd (Show other bugs)
7.1
i386 Linux
low Severity medium
: ---
: ---
Assigned To: Bill Nottingham
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2000-09-20 19:22 EDT by Chris Evans
Modified: 2014-03-16 22:16 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2000-09-20 19:22:59 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Chris Evans 2000-09-20 19:22:57 EDT
Hi,

Well this is quite relevant after the recent klogd security hole.

If you think about it, syslogd and klogd are doing little more than writing
to a bunch of files. There is little reason to require "root" for this.

I'm not the first person to realize this. Here are some links to two
patches to run syslogd and
klogd with lower privilege. These links were both provided during very
recent discussion on
the security-audit list.

http://www.engin.umich.edu/caen/systems/Linux/code/patches/sysklogd-1.3-security.patch

ftp://ftp.openwall.com/pvt/sysklogd-1.3-31-owl-klogd-drop-root.diff.gz

Please consider for RH7.1 inclusion. Hopefully, we can head towards the
situation where
anything running in a default config, has been patched to run with
genuinely minimal
privilege.

Cheers
Chris
Comment 1 Bill Nottingham 2000-11-13 15:23:09 EST

*** This bug has been marked as a duplicate of 17682 ***

Note You need to log in before you can comment on or make changes to this bug.