This is the mail archive of the
glibc-bugs@sourceware.org
mailing list for the glibc project.
[Bug libc/11930] New: [PATCH] use SCM_CREDENTIALS in syslog()
- From: "lennart at poettering dot net" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sources dot redhat dot com
- Date: 20 Aug 2010 02:44:36 -0000
- Subject: [Bug libc/11930] New: [PATCH] use SCM_CREDENTIALS in syslog()
- Reply-to: sourceware-bugzilla at sourceware dot org
The attached patch enables SCM_CREDENTIALS for all log messages written. This
has multiple benefits, most importantly: while previously log messages could not
be authenticated this now provides a reliable way how at least local log
messages can be made trustworthy, so that messages from privileged users can be
securely distinguished from messages from unprivileged users. In addition this
allows logging daemons to insert PID fields in log messages even if LOG_PID was
not set on the client side.
This patch should be compatible with existing syslogd implementations since the
server side has to explicitly enable reception of SCM_CREDENTIALS with
SO_PASSCRED. As long as they don't the data will silently be dropped by the
kernel and syslogd implementations should see no difference at all from the
traditional behaviour.
--
Summary: [PATCH] use SCM_CREDENTIALS in syslog()
Product: glibc
Version: unspecified
Status: NEW
Severity: enhancement
Priority: P2
Component: libc
AssignedTo: drepper at redhat dot com
ReportedBy: lennart at poettering dot net
CC: glibc-bugs at sources dot redhat dot com
http://sourceware.org/bugzilla/show_bug.cgi?id=11930
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.