On Sat, Feb 12, 2011 at 02:22:21PM -0500, Eric wrote:
> On Sat, Feb 12, 2011 at 1:56 PM, Otto Moerbeek <o...@drijf.net> wrote:
> > On Sat, Feb 12, 2011 at 12:53:47PM -0500, Eric wrote:
> >
> >> On Sat, Feb 12, 2011 at 12:00 PM, Ted Unangst <ted.unan...@gmail.com> wrote:
> >> > On Sat, Feb 12, 2011 at 9:49 AM, Eric <airu...@gmail.com> wrote:
> >> >> I'm making some modifications to syslogd/syslog so that I can control access
> >> >> to log sockets and have a set of high integrity log files that didn't
> >> >> receive logs from world-writable log sockets.  Briefly, this means:
> >> >
> >> > It means you put the socket into a directory with the appropriate
> >> > permissions.  Sockets don't have permissions.
> >> >
> >>
> >> I just tested it: sockets have permissions on OpenBSD and they are
> >> enforced.
> >
> > Yes, originally permissions on sockets were not enforced. But creating
> > a socket and setting permissions on it is still subject to race
> > conditions. So in practice you'll need dirs.
> >
> >        -Otto
> >
>
> Syslogd already uses socket permissions to protect its control socket:
>
>     if (ctlsock_path != NULL) {
>         fd = unix_socket(ctlsock_path, SOCK_STREAM, 0600);
>         if (fd != -1) {
>
> Should I patch it so that the control socket is placed in a directory
> with appropriate permissions?

Probably not, unix_socket() seems to do it right and socket ownership
doesn't come into play.

        -Otto
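
The race mentioned in the thread is the window between bind() creating the socket node and a later chmod() tightening it. The following is an added example, not part of the thread and not syslogd's unix_socket(): it sets the umask before bind() so the node never exists with looser permissions, and keeps the socket in a private directory. The names `bind_restricted`, `path_mode`, `demo` and the /tmp location are hypothetical, and it assumes (as on OpenBSD and Linux) that bind() applies the process umask to the new node.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <sys/un.h>
#include <unistd.h>

/* Hypothetical helper: bind a UNIX-domain socket at `path` so that the
 * filesystem node is created with `mode` from the first instant. */
int bind_restricted(const char *path, int type, mode_t mode)
{
    struct sockaddr_un sa;
    mode_t old;
    int fd, rc;

    if (strlen(path) >= sizeof(sa.sun_path))
        return -1;                     /* refuse rather than truncate */
    memset(&sa, 0, sizeof(sa));
    sa.sun_family = AF_UNIX;
    strcpy(sa.sun_path, path);         /* length checked above */
    if ((fd = socket(AF_UNIX, type, 0)) == -1)
        return -1;
    /* umask is process-wide: do this before starting other threads. */
    old = umask(~mode & 0777);
    rc = bind(fd, (struct sockaddr *)&sa, sizeof(sa));
    umask(old);                        /* restore for later file creation */
    if (rc == -1) { close(fd); return -1; }
    return fd;
}

/* Permission bits of `path`, or -1 if it cannot be stat()ed. */
int path_mode(const char *path)
{
    struct stat st;
    return stat(path, &st) == -1 ? -1 : (int)(st.st_mode & 0777);
}

/* Constructed demo: private 0700 directory holding a 0600 socket.
 * Returns the socket node's permission bits, or -1 on failure. */
int demo(void)
{
    char dir[] = "/tmp/logsock.XXXXXX", path[64];
    int fd, m;
    if (mkdtemp(dir) == NULL) return -1;   /* directory is created 0700 */
    snprintf(path, sizeof(path), "%s/log", dir);
    if ((fd = bind_restricted(path, SOCK_DGRAM, 0600)) == -1) return -1;
    m = path_mode(path);
    close(fd); unlink(path); rmdir(dir);
    return m;
}
```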