Snort mailing list archives
[OBSD 3.4 and Snort 2.0.0b72] snort does not handle kill -hup well when user/group param specified
From: Calyth <calyth () shaw ca>
Date: Mon, 03 May 2004 02:56:01 -0700
I'm not sure whether this is a known issue or not, but a search on the mailing list doesn't turn up anything. I suppose this can be logical, but if one starts snort and specify the username and group, snort won't respond well to a kill -HUP. Specifically, if you tried to use newsyslog to rotate the text log. I know that many uses barnyard, but I don't think a) that my firewall have too much traffic to make barnyard a requirement, and b) I don't particularly want to bog down this (or another machine) with a database system for the traffic that I have. But I still would like to have the added safety for snort to change to another user after getting the sniffing privledge. I would like to know whether can be addressed with developement. I somehow think that this might be impossible due to the way priviledges are handled...
Benton Lam ------------------------------------------------------- This SF.Net email is sponsored by: Oracle 10gGet certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- [OBSD 3.4 and Snort 2.0.0b72] snort does not handle kill -hup well when user/group param specified Calyth (May 03)