Home page logo

bugtraq logo Bugtraq mailing list archives

Re: syslog (WAS: chroot'ed environment?)
From: marc () tky icdc fr (Marc Samama)
Date: Fri, 21 Apr 1995 09:59:14 +0900

An idea which just occurred to me, not tested at all.  If you can
connect() an AF_UNIX SOCK_DGRAM socket (and I'm not sure you can), the
association with its peer might survive a chroot that renders the
original pathname inaccessible.  If this is so, it could provide an

Actually, it is exactly what I have done yesterday. It is pretty easy (check the
INET_SYSLOG define from BSD's libc/syslog.c) and it works very well. I didnt 
have to change anything from what I installed previously. (syslogd, /dev/syslog
or whatever.)

I didnt like very much the idea of putting /dev/syslog in the ftp area, 
so I choose to do this.

The only thing that bothers me is that I didnt want syslogd to listen on its
UDP port, but i guess I will just check the address of the incoming packets
against the loopback address. (Didn't try that yet, thougth.)


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]