sysklogd security issues

Matthew Burgess matthew at linuxfromscratch.org
Thu Apr 7 13:21:48 PDT 2005


Folks,

There's a bunch of security related patches at 
http://www.infodrom.org/projects/sysklogd/download/patches/.  None of 
them appear to be in the huge patch we already have for sysklogd. 
Indeed all of them (with the exception of the syslogd.byhost.diff) apply 
with offsets following the application of our patch.  Do we need/want 
any of them?

* sysklogd-1.4.1-security.patch: support for running klogd as a non-root 
user, and dropping root priv's accordingly
* sysklogd-1.4.1-caen-owl-syslogd-drop-root.diff - support for running 
syslogd as a non-root user, and dropping root priv's accordingly
* sysklogd-1.4.1-caen-owl-syslogd-bind.diff - support for binding 
syslogd to a particular interface, rather than INADDR_ANY.
* sysklogd-1.4.1-caen-owl-klogd-drop-root.diff - support for running 
klogd as a non-root user and running it in a chroot jail.
* syslogd.byhost.diff.gz - support for logging for specified hosts only

Incidentally, http://lists.infodrom.org/infodrom-sysklogd/2005/0001.html 
suggests that a new version of sysklogd is dependent on Debian's release 
schedule...I ain't holding my breath for a release any time soon then!

Regards,

Matt.



More information about the lfs-dev mailing list