On Fri, 2007-09-21 at 17:55 +0100, Simon Arlott wrote:
I've attached a patch that uses SO_PEERCRED to find the PID/UID/GID of the application using syslog. I wanted to be able to prevent users faking messages but at the same time not lose some of sshd's messages that are sent from a non-privileged process. The next step would be to send users' other messages to /home/$FROM_USER/syslog which would be owned by them - but owner(....) is only evaluated at startup...
Thanks for your contribution. The patch seems to be nicely implemented some nits here and there, but nothing severe. Could you please sign our contributor license agreement and fax it to us so I can actually use the code you posted? The document is here: http://www.balabit.com/dl/CLA_patch.pdf -- Bazsi