Actions
Feature #1678
closedopen umask settings or make them configurable
Effort:
Difficulty:
Label:
Description
Log forwarders that run as less than root can't read log files, as they have a umask of 0127 that is hardcoded in util-daemon. That means modifying an upstart script to add a umask, for instance, is ignored.
Here's the code:
https://github.com/inliniac/suricata/blob/fc7f090cd3268a3a624177cef32a9576b74975e3/src/util-daemon.c#L127
I think it's "just" a matter of reading in a umask from the suricata.yaml config. Yes, there are security concerns with allowing world-readable; there are also security concerns with log forwarders running as root.
Updated by Victor Julien almost 9 years ago
- Assignee set to OISF Dev
- Target version set to 70
Updated by Victor Julien almost 7 years ago
- Status changed from New to Closed
- Assignee changed from OISF Dev to Mats Klepsland
- Target version changed from 70 to 4.1beta1
Actions