[Snort-users] Snort changes from 1.6.3 -> pl 2
Ralf.Hildebrandt at ...22...
Tue Sep 26 10:36:47 EDT 2000
Am 26.09.2000 um 10:31:59 -0400 schrieb Martin Roesch folgendes:
> Hehe, oops. You need to reset the log directory relative to the chroot
> directory, so if you chroot it to /var/spool/snort its root directory becomes
> that directory and so the default logging directory is no longer valid. Short
> term workaround is to set a link to /var/log/snort in the /var/spool/snort
> dir, then use the -l variable to work point to it. I *think* that'll work....
Yup. Haven't thought of this...
> So, what's the proper behavior for this (and the setgid/setuid) switch?
> Should it open up files relative to the real root dir, or after? If we do it
> before, people are going to set their logging dir to '/' expecting the thing
> to be set before hand (I've had at least 2-3 reports of that behavior being a
> bug). How does everone around here want this to work? Let's figure it out
> and I'll code it up...
It should work like in named (BIND)
ralf.hildebrandt at ...22...
Dipl.-Informatiker innominate AG
system engineer networking people
tel: +49.30.308806-62 fax: -77 http://innominate.de pgp at request
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 358 bytes
Desc: not available
More information about the Snort-users