Package: bsdutils
Version: 1:2.40.2-9
Severity: normal
File: /usr/bin/logger
Hi,
the manual page of logger says regarding --id:
logger(1) is able to set
those socket credentials to the given id, but only if you have root
permissions and a process with the specified PID exists, otherwise
the socket credentials are not modified and the problem is silently
ignored.
However, when logger is called without privileges, for example in an
unprivileged podman container, this is not silently ignored:
$ sudo setpriv --inh-caps -SYS_ADMIN --bounding-set -SYS_ADMIN -- logger -t test --id="$$" 'BAD: without CAP_SYS_ADMIN'; echo $?
logger: send message failed: Operation not permitted
0
Is this the intended way to handle things? Writing an error message to
stdout is not "silently".
Greetings
Marc
-- System Information:
Debian Release: trixie/sid
APT prefers stable-security
APT policy: (500, 'stable-security'), (500, 'unstable'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 6.11.4-amd64 (SMP w/12 CPU threads; PREEMPT)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages bsdutils depends on:
ii libc6 2.40-3
ii libsystemd0 256.7-2
Versions of packages bsdutils recommends:
ii bsdextrautils 2.40.2-9
bsdutils suggests no packages.
-- no debconf information
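
An added example, not part of the report and not code from util-linux: a shell wrapper that reads the caller's effective capability mask and avoids the failing case shown above (root without CAP_SYS_ADMIN) by falling back to a plain --id. The function names are hypothetical and the capability masks in the comments are constructed; it assumes, per the manual page text quoted in the report, that non-root callers are unaffected.

```shell
#!/bin/sh
# CAP_SYS_ADMIN is capability number 21 in linux/capability.h.
CAP_SYS_ADMIN_BIT=21

# has_cap HEXMASK BIT: succeed if BIT is set in a CapEff-style hex mask.
# Constructed samples: 000001ffffffffff has bit 21, 000001ffffdfffff does not.
has_cap() {
    [ $(( (0x$1 >> $2) & 1 )) -eq 1 ]
}

# effective_caps: print this shell's effective capability mask (CapEff).
effective_caps() {
    awk '$1 == "CapEff:" { print $2 }' "/proc/$$/status"
}

# logger_id_args EUID CAPMASK PID: print the --id option that is safe to pass.
logger_id_args() {
    if [ "$1" -eq 0 ] && ! has_cap "$2" "$CAP_SYS_ADMIN_BIT"; then
        # Root without CAP_SYS_ADMIN is the case from the report, where
        # --id=PID ends in "Operation not permitted". Plain --id makes
        # logger use its own PID instead.
        printf '%s\n' '--id'
    else
        # Either fully privileged (credentials can be set) or not root
        # (assumption from the manual page: credentials are left alone).
        printf '%s\n' "--id=$3"
    fi
}

# log_as PID TAG MESSAGE: call logger with the option chosen above.
log_as() {
    idopt=$(logger_id_args "$(id -u)" "$(effective_caps)" "$1")
    logger -t "$2" "$idopt" "$3"
}
```

Checking the capability up front matters because, as the report shows, logger still exits with status 0 when the send fails, so a caller cannot detect the lost message from `$?`.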