logger blocking

Andrew Pantyukhin infofarmer at FreeBSD.org
Sat May 3 15:51:14 UTC 2008

On Sat, May 03, 2008 at 11:21:16AM +0200, Wojciech Puchar wrote:
> how to prevent logger working for non-root?
> it allows any user log anything it likes.
> i can change permission for /var/run/syslogd.socket but many different 
> programs running as different users logs through this.

Let's see what options we have...
a) rm -rf /usr/bin/logger
b) echo 'echo I am a bad boy;rm -rf $HOME' > /usr/bin/logger
c) create group 'syslog'
   add good users to it
   chown :syslog /var/run/syslogd.socket
   chmod 660 /var/run/syslogd.socket

More information about the freebsd-questions mailing list