[syslog-ng] [Bug 108] 2.6.38+ will require CAP_SYSLOG (CAP_SYS_ADMIN not enough)
Matthew Hall
mhall at mhcomputing.net
Wed Jan 19 18:35:32 CET 2011
On Wed, Jan 19, 2011 at 06:17:40PM +0100, bugzilla at bugzilla.balabit.com wrote:
> --- Comment #1 from Arkadiusz Miśkiewicz <arekm at maven.pl> 2011-01-19 18:17:40 ---
> Solution used in PLD/Linux:
> http://cvs.pld-linux.org/cgi-bin/cvsweb/packages/syslog-ng/cap_syslog.patch
+ sscanf(uts.release, "%d.%d.%d", &x, &y, &z);
+ kernel_version = LINUX_VERSION(x, y, z);
That patch is not resilient in format changes in the string.
If I take stuff out or add weird stuff then *.scanf functions will corrupt the stack.
It would be better to use a regex with capture groups and check for the right count of them, then pass that to the version macro.
Matthew.
More information about the syslog-ng
mailing list