[syslog-ng]Feature Suggestion: Additional variable $PROGRAM_ESC for filename expansion

[Norbert Nemec]

Hi there,

I've been using syslog-ng for quite a while and I really like that program. 
There is just one feature I'm missing:

In my current setup, I have all the logging data sorted into files within one 
directory, according the the name of the program sending the message.

The documentation states correctly that this is a security problem, since the 
$PROGRAM variable might contain just about anything, including / and . making 
it possible for any user to write data to about any file in the filesystem. 
Even on my private system, where security is not a concern, this turns out to 
be nasty, since a small number of programs state their whole path as program 
name.

my idea whould be to provide an alternative variable, e.g. $PROGRAM_ESC that 
is internally converted to a defined set of legal characters. This does not 
even have to be a high-quality, reversable conversion. A plain, well defined 
mangling should be absolutely enough.

Ciao,
Nobbi

PS: Please CC me, I'm not subscribed.

-- 
-- ______________________________________________________
-- JESUS CHRIST IS LORD!
--          To Him, even that machine here has to obey...
--
-- _________________________________Norbert "Nobbi" Nemec
-- Hindenburgstr. 44  ...  D-91054 Erlangen  ...  Germany
-- eMail: <nobbi@cheerful.com>   Tel: +49-(0)-9131-204180