This feature provides a unique group for programs, that read logs. Especially, they don't need superuser rights to do so.
- Name: Matthias Runge
- Email: firstname.lastname@example.org
- Targeted release: Fedora 16
- Last updated: Mar 04 2011
- Percentage of completion: 0%
In Fedora versions up to Fedora 15 system logs are owned by root and are only readable by root. Log processing programs need to be executed with superuser privileges. This should be changed.
Benefit to Fedora
Fedora benefits by more security.
This change involves very few steps:
1. change logs to be group readable 2. change logs to be grouped logreader 3. execute log processing programs using logreader group
How To Test
This is an enhancement and will break probably nothing. Especially older programs will continue to work.
- no further material yet.
- nothing of end user interest.