Optimization #2373: unix domain socket owner stays root when priviledges dropped - Suricata - Open Information Security Foundation

Actions

Copy link

Optimization #2373

closed

RS OD

unix domain socket owner stays root when priviledges dropped

Optimization #2373: unix domain socket owner stays root when priviledges dropped

Added by Richard Sailer over 8 years ago. Updated 10 months ago.

Status:

Closed

Priority:

Normal

Assignee:

OISF Dev

Target version:

TBD

Effort:

Difficulty:

Label:

Description

related: https://github.com/OISF/suricata/pull/3052

macpas suggest to solve this via extending the permissions on the socket
from rw-r-----
to rw-rw---- .

I think the nicer way to solve the problem is by setting the socket owner to the new user before we drop priviledges

Related issues 1 (1 open — 0 closed)

RS Updated by Richard Sailer over 8 years ago Actions
Copy link
#1

Status changed from New to Feedback
Assignee set to Richard Sailer

RS Updated by Richard Sailer over 8 years ago Actions
Copy link
#2

Subject changed from unix domain socket owner not updated when priviledges dropped to unix domain socket owner stays root when priviledges dropped
Description updated (diff)

RS Updated by Richard Sailer over 8 years ago Actions
Copy link
#3

Related to Optimization #2337: give warning if permissions won't allow log reopen after dropping privs added

AH Updated by Andreas Herz over 8 years ago Actions
Copy link
#4

Target version set to TBD

AH Updated by Andreas Herz about 7 years ago Actions
Copy link
#5

Assignee changed from Richard Sailer to OISF Dev

PA Updated by Philippe Antoine 10 months ago Actions
Copy link
#6

Tracker changed from Bug to Optimization

JI Updated by Jason Ish 10 months ago Actions
Copy link
#7

Status changed from Feedback to Closed

Closing. Looks like this was fixed in 2017 (commit: babe8a299e?). Anyways, it has not been an issue since at least 6.0.

Actions

Copy link

Also available in: PDF Atom

Project

General

Profile

Suricata

Custom queries