This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

[Bug libc/11930] New: [PATCH] use SCM_CREDENTIALS in syslog()


The attached patch enables SCM_CREDENTIALS for all log messages written. This
has multiple benefits, most importantly: while previously log messages could not
be authenticated this now provides a reliable way how at least local log
messages can be made trustworthy, so that messages from privileged users can be
securely distinguished from messages from unprivileged users. In addition this
allows logging daemons to insert PID fields in log messages even if LOG_PID was
not set on the client side.

This patch should be compatible with existing syslogd implementations since the
server side has to explicitly enable reception of SCM_CREDENTIALS with
SO_PASSCRED. As long as they don't the data will silently be dropped by the
kernel and syslogd implementations should see no difference at all from the 
traditional behaviour.

-- 
           Summary: [PATCH] use SCM_CREDENTIALS in syslog()
           Product: glibc
           Version: unspecified
            Status: NEW
          Severity: enhancement
          Priority: P2
         Component: libc
        AssignedTo: drepper at redhat dot com
        ReportedBy: lennart at poettering dot net
                CC: glibc-bugs at sources dot redhat dot com


http://sourceware.org/bugzilla/show_bug.cgi?id=11930

------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]