On Sat, Feb 12, 2011 at 12:53:47PM -0500, Eric wrote:
> On Sat, Feb 12, 2011 at 12:00 PM, Ted Unangst <ted.unan...@gmail.com> wrote:
> > On Sat, Feb 12, 2011 at 9:49 AM, Eric <airu...@gmail.com> wrote:
> >> I'm making some modifications to syslogd/syslog so that I can control
> access
> >> to log sockets and have a set of high integrity log files that didn't
> >> receive logs
> >> from world-writable log sockets. Briefly, this means:
> >
> > It means you put the socket into a directory with the appropriate
> > permissions. Sockets don't have permissions.
> >
>
> I just tested it: sockets have permissions on OpenBSD and they are enforced.
Yes, originally permissions on sockets were not enforced. But creating
a socket and setting permissions on it is still subject to race
conditions. So in practice you'll need dirs.
-Otto
