sysklogd security issues
matthew at linuxfromscratch.org
Thu Apr 7 13:21:48 PDT 2005
There's a bunch of security related patches at
http://www.infodrom.org/projects/sysklogd/download/patches/. None of
them appear to be in the huge patch we already have for sysklogd.
Indeed all of them (with the exception of the syslogd.byhost.diff) apply
with offsets following the application of our patch. Do we need/want
any of them?
* sysklogd-1.4.1-security.patch: support for running klogd as a non-root
user, and dropping root priv's accordingly
* sysklogd-1.4.1-caen-owl-syslogd-drop-root.diff - support for running
syslogd as a non-root user, and dropping root priv's accordingly
* sysklogd-1.4.1-caen-owl-syslogd-bind.diff - support for binding
syslogd to a particular interface, rather than INADDR_ANY.
* sysklogd-1.4.1-caen-owl-klogd-drop-root.diff - support for running
klogd as a non-root user and running it in a chroot jail.
* syslogd.byhost.diff.gz - support for logging for specified hosts only
suggests that a new version of sysklogd is dependent on Debian's release
schedule...I ain't holding my breath for a release any time soon then!
More information about the lfs-dev