2016-01-30 2:56 GMT+01:00 David Lang <[email protected]>: >> PrivateTmp=yes > > > what use of /tmp does rsyslog make? If none, can we just block access rather > than going to all the effort of creating a custom version? > > This can also affect things that rsyslog runs through omprog/etc. so > documentation is needed.
programs spawned by omprog would have access to the rsyslog tmpdir, so that shouldn't be an issue. The only problem I can see is, if you setup an external component to e.g. log to /tmp/file and then let imfile read from that. rsyslog wouldn't have access to /tmp/file in that case. Do people do that in practice? > Along similar lines, if rsyslog isn't creating /dev/log, can access to > devices be disabled (PrivateDevices)? Hm, that should indeed work, thanks for the hint. I think we should be able to safely switch on PrivateDevices=yes -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth? _______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
