sysklogd security issues

Robert Connolly robert at linuxfromscratch.org
Thu Apr 7 13:27:09 PDT 2005


These are all feature enhancements, not bug fixes.

robert

On April 7, 2005 04:21 pm, Matthew Burgess wrote:
> Folks,
>
> There's a bunch of security related patches at
> http://www.infodrom.org/projects/sysklogd/download/patches/.  None of
> them appear to be in the huge patch we already have for sysklogd.
> Indeed all of them (with the exception of the syslogd.byhost.diff) apply
> with offsets following the application of our patch.  Do we need/want
> any of them?
>
> * sysklogd-1.4.1-security.patch: support for running klogd as a non-root
> user, and dropping root priv's accordingly
> * sysklogd-1.4.1-caen-owl-syslogd-drop-root.diff - support for running
> syslogd as a non-root user, and dropping root priv's accordingly
> * sysklogd-1.4.1-caen-owl-syslogd-bind.diff - support for binding
> syslogd to a particular interface, rather than INADDR_ANY.
> * sysklogd-1.4.1-caen-owl-klogd-drop-root.diff - support for running
> klogd as a non-root user and running it in a chroot jail.
> * syslogd.byhost.diff.gz - support for logging for specified hosts only
>
> Incidentally, http://lists.infodrom.org/infodrom-sysklogd/2005/0001.html
> suggests that a new version of sysklogd is dependent on Debian's release
> schedule...I ain't holding my breath for a release any time soon then!
>
> Regards,
>
> Matt.



More information about the lfs-dev mailing list