[Snort-users] Snort changes from 1.6.3 -> pl 2
wlmarque at ...8...
Tue Sep 26 11:53:42 EDT 2000
>> So, what's the proper behavior for this (and the setgid/setuid) switch?
>> Should it open up files relative to the real root dir, or after? If we do it
>> before, people are going to set their logging dir to '/' expecting the thing
>> to be set before hand (I've had at least 2-3 reports of that behavior being a
>> bug). How does everone around here want this to work? Let's figure it out
>> and I'll code it up...
>It should work like in named (BIND)
Hmmm...it should log relative to the chroot. If we don't there will be problems
kill -HUPing snort in daemon mode as once it's chrooted it shouldn't be able to
escape the jail for any reason (including a restart).
More information about the Snort-users