Hi there, I've been using syslog-ng for quite a while and I really like that program. There is just one feature I'm missing: In my current setup, I have all the logging data sorted into files within one directory, according the the name of the program sending the message. The documentation states correctly that this is a security problem, since the $PROGRAM variable might contain just about anything, including / and . making it possible for any user to write data to about any file in the filesystem. Even on my private system, where security is not a concern, this turns out to be nasty, since a small number of programs state their whole path as program name. my idea whould be to provide an alternative variable, e.g. $PROGRAM_ESC that is internally converted to a defined set of legal characters. This does not even have to be a high-quality, reversable conversion. A plain, well defined mangling should be absolutely enough. Ciao, Nobbi PS: Please CC me, I'm not subscribed. -- -- ______________________________________________________ -- JESUS CHRIST IS LORD! -- To Him, even that machine here has to obey... -- -- _________________________________Norbert "Nobbi" Nemec -- Hindenburgstr. 44 ... D-91054 Erlangen ... Germany -- eMail: <nobbi@cheerful.com> Tel: +49-(0)-9131-204180