Re: [CRONOLOG]: write logs as Apache User 'nobody'

To: Sven Köhler <skoehler@xxxxxx>
Subject: Re: [CRONOLOG]: write logs as Apache User 'nobody'
From: Angus Berry <angus.berry@xxxxxxxxx>
Date: Sat, 13 Nov 2004 15:46:19 -0500
Cc: cronolog-users@xxxxxxxxxxxxxxxx
In-reply-to: <41965B43.6010305@upb.de>
References: <1100367389.2321.651.camel@vaio1linux> <41965B43.6010305@upb.de>
Reply-to: angus.berry@xxxxxxxxx

Thanks for the suggestion. I tried:

CustomLog "| sudo -u nobody /usr/local/sbin/cronolog /home/....blabla

In my Apache httpd.conf, but then Apache won't start, unless I comment
the line back out.

Did I misunderstand your suggestion?


On Sat, 2004-11-13 at 14:06, Sven KÃ¶hler wrote:
> > I have a fairly standard Apache 2.0.47 install on Linux. It starts as
> > root and then switches to user 'nobody', however the logs are still
> > written as owned by the user 'root'
> 
> Well, afaik that's the default behaviour since a file-write is not 
> considered to be dangerous. If you consider cronolog as a security risk, 
> you may be abled to execute it by replacing "| cronolog" with "| sudo -u 
> nobody cronolog" in the config-files.
>

Follow-Ups:
- Re: [CRONOLOG]: write logs as Apache User 'nobody'
  - From: Burt Heymanson
- Re: [CRONOLOG]: write logs as Apache User 'nobody'
  - From: Sven Köhler

References:
- write logs as Apache User 'nobody'
  - From: Angus Berry
- Re: [CRONOLOG]: write logs as Apache User 'nobody'
  - From: Sven Köhler

Prev by Date: Re: [CRONOLOG]: write logs as Apache User 'nobody'
Next by Date: Strange Apache problem with ErrorLog
Previous by thread: Re: [CRONOLOG]: write logs as Apache User 'nobody'
Next by thread: Re: [CRONOLOG]: write logs as Apache User 'nobody'
Index(es):
- Date
- Thread