Talk:Getting fai-logs a better way

From FAIWiki
Revision as of 10:52, 1 August 2006 by Iw (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

faimond

faimond is _no_ security risc. It's run by a normal user, not by root. Everybody on a Unix system can start such daemons if the port number is above 1024. This daemon only prints strings that it receives via a socket connection, to stdout. The strings received are not used to execute any commands. ( by Thomas Lange )

The fact, that a program is run by a normal user doesen't mean it's secure. Even apache drops its rights to a normal user after opening a port.
I don't say faimond has security holes. I don't know. And i see your point that it is a small and simple solution for a small and simple task. Still i'd trust syslog or syslog-ng more, because it's overlooked by more than one developer.
I'll try to clearify this in the article. And give your hint, that its easy to replace faimond by syslog.

--Iw 12:52, 1 Aug 2006 (CEST)