From: Martin Schmitt (no email)
Date: Thu Sep 22 2005 - 09:05:44 EDT
Wietse Venema schrieb:
> openlog(2) is called before chroot(2).
Simple explanation. Thanks Wietse!
Now, on to the next level:
Since the chrooted Postfix subsystems talk to the system's syslogd
(through the additional socket and with openlog before chroot as well),
I'm completely certain that I'm going to be asked by $CLIENT what
happens if someone tries to exploit a hole in syslogd to take over the
system.
So far, I have only chrooted daemons that log to a local file. With
Postfix, I'm forced to use syslog, which has always been perfectly fine
for me, but leaves me with questions about syslogd's security in this
paranoid environment.
Can anybody on the list offer some words of comfort regarding the
security of syslogging?
Thanks,
-martin
-- +-------------------------+------------------------+ | Martin Schmitt | Schmitt Systemberatung | | http://www.scsy.de/~mas | http://www.scsy.de | +-------------------------+------------------------+
|
|
|