public inbox for glibc-bugs@sourceware.org help / color / mirror / Atom feed
From: "lennart at poettering dot net" <sourceware-bugzilla@sourceware.org> To: glibc-bugs@sources.redhat.com Subject: [Bug libc/11930] New: [PATCH] use SCM_CREDENTIALS in syslog() Date: Fri, 20 Aug 2010 02:44:00 -0000 [thread overview] Message-ID: <20100820024435.11930.lennart@poettering.net> (raw) The attached patch enables SCM_CREDENTIALS for all log messages written. This has multiple benefits, most importantly: while previously log messages could not be authenticated this now provides a reliable way how at least local log messages can be made trustworthy, so that messages from privileged users can be securely distinguished from messages from unprivileged users. In addition this allows logging daemons to insert PID fields in log messages even if LOG_PID was not set on the client side. This patch should be compatible with existing syslogd implementations since the server side has to explicitly enable reception of SCM_CREDENTIALS with SO_PASSCRED. As long as they don't the data will silently be dropped by the kernel and syslogd implementations should see no difference at all from the traditional behaviour. -- Summary: [PATCH] use SCM_CREDENTIALS in syslog() Product: glibc Version: unspecified Status: NEW Severity: enhancement Priority: P2 Component: libc AssignedTo: drepper at redhat dot com ReportedBy: lennart at poettering dot net CC: glibc-bugs at sources dot redhat dot com http://sourceware.org/bugzilla/show_bug.cgi?id=11930 ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
next reply other threads:[~2010-08-20 2:44 UTC|newest] Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top 2010-08-20 2:44 lennart at poettering dot net [this message] 2010-08-20 2:46 ` [Bug libc/11930] " lennart at poettering dot net 2010-08-21 1:32 ` lennart at poettering dot net
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20100820024435.11930.lennart@poettering.net \ --to=sourceware-bugzilla@sourceware.org \ --cc=glibc-bugs@sources.redhat.com \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).