Snort mailing list archives

Snort priv. drop and chroot before/after changing uid/gid

From: Bill Parker <wp02855 () gmail com>
Date: Thu, 10 Sep 2015 14:09:38 -0700

Hi All,

    I ran into an instance where having snort set it's UID/GID before
dropping priv/chroot can lead to a problem creating a .PID in /var/run, due
to user permissions.  I know this behavior was changed in reading the Snort
Changelog, but perhaps a CLI switch could be added to write PID before
changing to user/group, rather than afterwards?

Bill

p.s. - when this happens, the snort script daemon can't find the correct
PID to kill is why I'm mentioning it :)

------------------------------------------------------------------------------
Monitor Your Dynamic Infrastructure at Any Scale With Datadog!
Get real-time metrics from all of your servers, apps and tools
in one place.
SourceForge users - Click here to start your Free Trial of Datadog now!
http://pubads.g.doubleclick.net/gampad/clk?id=241902991&iu=/4140

_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel
Archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel

Please visit http://blog.snort.org for the latest news about Snort!

Current thread:

Snort priv. drop and chroot before/after changing uid/gid Bill Parker (Sep 10)
- Re: Snort priv. drop and chroot before/after changing uid/gid Ed Borgoyn (eborgoyn) (Sep 11)