public inbox for glibc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug libc/11930] New: [PATCH] use SCM_CREDENTIALS in syslog()
@ 2010-08-20 2:44 lennart at poettering dot net
2010-08-20 2:46 ` [Bug libc/11930] " lennart at poettering dot net
2010-08-21 1:32 ` lennart at poettering dot net
0 siblings, 2 replies; 3+ messages in thread
From: lennart at poettering dot net @ 2010-08-20 2:44 UTC (permalink / raw)
To: glibc-bugs
The attached patch enables SCM_CREDENTIALS for all log messages written. This
has multiple benefits, most importantly: while previously log messages could not
be authenticated this now provides a reliable way how at least local log
messages can be made trustworthy, so that messages from privileged users can be
securely distinguished from messages from unprivileged users. In addition this
allows logging daemons to insert PID fields in log messages even if LOG_PID was
not set on the client side.
This patch should be compatible with existing syslogd implementations since the
server side has to explicitly enable reception of SCM_CREDENTIALS with
SO_PASSCRED. As long as they don't the data will silently be dropped by the
kernel and syslogd implementations should see no difference at all from the
traditional behaviour.
--
Summary: [PATCH] use SCM_CREDENTIALS in syslog()
Product: glibc
Version: unspecified
Status: NEW
Severity: enhancement
Priority: P2
Component: libc
AssignedTo: drepper at redhat dot com
ReportedBy: lennart at poettering dot net
CC: glibc-bugs at sources dot redhat dot com
http://sourceware.org/bugzilla/show_bug.cgi?id=11930
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2010-08-21 1:32 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2010-08-20 2:44 [Bug libc/11930] New: [PATCH] use SCM_CREDENTIALS in syslog() lennart at poettering dot net
2010-08-20 2:46 ` [Bug libc/11930] " lennart at poettering dot net
2010-08-21 1:32 ` lennart at poettering dot net
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).