Re: Parsing log files

First, are you sure that you want JoeUser to access /var/log/messages? That log can contain sensitive data.

Assuming you do want to show the world your logs, what about having another process (run by root) copy the log to a safe location every few minutes, and chmod it? (inherent in that response is that I wouldn't want any CGI scripts accessing outside of a /pub_html directory, or some such)

Comment on Re: Parsing log files

Replies are listed 'Best First'.
RE: Re: Parsing log files by BastardOperator (Monk) on Sep 12, 2000 at 04:35 UTC
Good advice. I would re-iterate that you probably really don't want to do this, but if you're going to anyway, you're looking at either doing what was suggested above, or doing an suid thing (bad plan). So, you're basically left with what was said above, in which case I would add that you may want to just grep out the relevant info from the logfile rather than copy the entire thing. Make sure that you have proper rules to grab _only_ the info you would want Mr. Evil Hacker to see. Even if this is on an intranet, I don't know about you, but I don't trust my users anymore than absolutely necessary, soooo...	[reply]

Replies are listed 'Best First'.

RE: Re: Parsing log files
by BastardOperator (Monk) on Sep 12, 2000 at 04:35 UTC

Good advice. I would re-iterate that you probably really don't want to do this, but if you're going to anyway, you're looking at either doing what was suggested above, or doing an suid thing (bad plan). So, you're basically left with what was said above, in which case I would add that you may want to just grep out the relevant info from the logfile rather than copy the entire thing. Make sure that you have proper rules to grab _only_ the info you would want Mr. Evil Hacker to see. Even if this is on an intranet, I don't know about you, but I don't trust my users anymore than absolutely necessary, soooo...

[reply]