[OBSD 3.4 and Snort 2.0.0b72] snort does not handle kill -hup well when user/group param specified

[Calyth <calyth () shaw ca>]

I'm not sure whether this is a known issue or not, but a search on the 
mailing list doesn't turn up anything.
I suppose this can be logical, but if one starts snort and specify the 
username and group, snort won't respond well to a kill -HUP. 
Specifically, if you tried to use newsyslog to rotate the text log.
I know that many uses barnyard, but I don't think a) that my firewall 
have too much traffic to make barnyard a requirement, and b) I don't 
particularly want to bog down this (or another machine) with a database 
system for the traffic that I have. But I still would like to have the 
added safety for snort to change to another user after getting the 
sniffing privledge.
I would like to know whether can be addressed with developement. I 
somehow think that this might be impossible due to the way priviledges 
are handled...

Benton Lam



-------------------------------------------------------
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thing ever to hit the market... Oracle 10g. 
Take an Oracle 10g class now, and we'll give you the exam FREE. 
http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users