Demo Discussion
Forum Config Examples Contributions Vulnerabilities
  Discussion forum about ELOG  Not logged in ELOG logo
 Back  |  Find  |  Login  |  Help 
icon5.gif   elogd runs by a user but not by root, posted by Dongwook Jang on Tue Apr 28 21:25:31 2009 
    icon2.gif   Re: elogd runs by a user but not by root, posted by Stefan Ritt on Wed Apr 29 07:52:57 2009 
       icon2.gif   Re: elogd runs by a user but not by root, posted by Dongwook Jang on Wed Apr 29 18:20:38 2009 
          icon2.gif   Re: elogd runs by a user but not by root, posted by Stefan Ritt on Thu Apr 30 08:40:43 2009 
             icon2.gif   Re: elogd runs by a user but not by root, posted by Dongwook Jang on Thu Apr 30 20:49:03 2009 
Message ID: 66335     Entry time: Wed Apr 29 18:20:38 2009     In reply to: 66333     Reply to this: 66336
Icon: Reply  Author: Dongwook Jang  Author Email: dwjang@fnal.gov 
Category: Question  OS: Linux  ELOG Version: 2.7.6 
Subject: Re: elogd runs by a user but not by root 

Stefan Ritt wrote:

 

Dongwook Jang wrote:

Hi,

I really don't understand why elogd cannot run by root but it runs by a user.

I've put elog deamon in /etc/init.d. So it didn't bring up, but it runs if I run it by user interactively.

Thanks,

Dongwook

 

That's a security issue. If elogd runs under a user and gets hacked, the hacker obtains just the user rights, which can be limited. If it runs under root, the hacker will automatically get root rights, which is bad. Technically, there is no reason why elogd cannot be run as root. Just put

Usr = root

Grp = root

into elogd.cfg. 

 Hi,

I wonder how others manage this situation because deamons in /etc/init.d is excercuted by root. So I cannot run in /etc/init.d/elogd when the system starts up.

What do you think?

Thanks,

Dongwook

ELOG V3.1.5-fe60aaf