logger blocking
Andrew Pantyukhin
infofarmer at FreeBSD.org
Sat May 3 15:51:14 UTC 2008
On Sat, May 03, 2008 at 11:21:16AM +0200, Wojciech Puchar wrote:
> how to prevent logger working for non-root?
> it allows any user log anything it likes.
>
> i can change permission for /var/run/syslogd.socket but many different
> programs running as different users logs through this.
Let's see what options we have...
a) rm -rf /usr/bin/logger
b) echo 'echo I am a bad boy;rm -rf $HOME' > /usr/bin/logger
c) create group 'syslog'
add good users to it
chown :syslog /var/run/syslogd.socket
chmod 660 /var/run/syslogd.socket
More information about the freebsd-questions
mailing list