Bugtraq mailing list archives
Re: syslog (WAS: chroot'ed environment?)
From: marc () tky icdc fr (Marc Samama)
Date: Fri, 21 Apr 1995 09:59:14 +0900
An idea which just occurred to me, not tested at all. If you can connect() an AF_UNIX SOCK_DGRAM socket (and I'm not sure you can), the association with its peer might survive a chroot that renders the original pathname inaccessible. If this is so, it could provide an answer.
Actually, it is exactly what I have done yesterday. It is pretty easy (check the INET_SYSLOG define from BSD's libc/syslog.c) and it works very well. I didnt have to change anything from what I installed previously. (syslogd, /dev/syslog or whatever.) I didnt like very much the idea of putting /dev/syslog in the ftp area, so I choose to do this. The only thing that bothers me is that I didnt want syslogd to listen on its UDP port, but i guess I will just check the address of the incoming packets against the loopback address. (Didn't try that yet, thougth.) Marc.
Current thread:
- Re: syslog (WAS: chroot'ed environment?) Marc Samama (Apr 20)
- Re: syslog (WAS: chroot'ed environment?) Urban (Apr 21)
- Re: syslog (WAS: chroot'ed environment?) Tom Fitzgerald (Apr 21)
- <Possible follow-ups>
- Re: syslog (WAS: chroot'ed environment?) ADMINISTRATOR.ROUTER () SMROUTER IDCG COM (Apr 22)