[Snort-devel] Unified output / running snort unpriviledged
kreft at ...1955...
Thu Apr 24 03:43:07 EDT 2003
If the spo_unified output plugin is used and snort is started with
the -u or -g parameter, the logfiles are beeing owned by root
after startup anyways. Reason: These files are beeing opened by
snort before priviledges are beeing dropped.
This behaviour upsets the mudpit logprocessor, if also run as an
unpriviledged process. (Mudpit automatically deletes the files
after they were processed.)
Im Namen der Toleranz sollten wir daher das Recht beanspruchen, die
Intoleranz nicht zu tolerieren.
More information about the Snort-devel