[syslog-ng]destination X { program(); }; and security

[David Douthitt]

Gregor Binder wrote:

> Is using a program destination like "sed -e 's#<XX>#<YY>#' | your_prog"
> an option?

You can do that?  I see that the program() destination is an execl()
call - I didn't think a pipe would work there.

Also, I noticed that items run via program() run as root - at least
when syslog-ng is run as root.  Is it possible to have syslog-ng drop
priveledges?  In fact, is it possible to have syslog-ng drop its own
priveledges as soon as possible and run as a normal user?  Perhaps as
nobody?