Red Hat Bugzilla – Bug 17758
Consider running sysklogd with lower privilege
Last modified: 2014-03-16 22:16:25 EDT
Well this is quite relevant after the recent klogd security hole.
If you think about it, syslogd and klogd are doing little more than writing
to a bunch of files. There is little reason to require "root" for this.
I'm not the first person to realize this. Here are some links to two
patches to run syslogd and
klogd with lower privilege. These links were both provided during very
recent discussion on
the security-audit list.
Please consider for RH7.1 inclusion. Hopefully, we can head towards the
anything running in a default config, has been patched to run with
*** This bug has been marked as a duplicate of 17682 ***