(RHE4) Logrotate Not Restarting Syslog

A.Fadyushin at it-centre.ru A.Fadyushin at it-centre.ru
Tue Jan 31 17:07:48 UTC 2006



> -----Original Message-----
> From: redhat-list-bounces at redhat.com [mailto:redhat-list-
> bounces at redhat.com] On Behalf Of Bill Tangren
> Sent: Tuesday, January 31, 2006 4:44 PM
> To: General Red Hat Linux discussion list
> Subject: Re: (RHE4) Logrotate Not Restarting Syslog
> 
> Jason Williard wrote:
> >>>Does anyone know why this is not working?
> >>
> >>Maybe, but I had something similar which was caused because the /tmp
> >>partition mounted with noexec.
> >
> >
> >
> > That appears to have been my issue.  I removed noexec from that line
in
> > /etc/fstab, restarted and now things are working again.
> >
> > Thanks,
> > Jason
> >
> 
> You may want to be careful with that solution. Everyone on your system
has
> access to /tmp. I believe noexec is there for security reasons. You
might
> want
> to consider Sean's solution instead.
> 
> Bill

Yes, the presence of 'noexec' may by due to security reasons. For
example, someone can create file in /tmp and set its executable bit. Of
course, this by itself does not present security problem. However,
suppose that another user has current directory (.) in his PATH before
standard directories (yes, this is not recommended, but some users still
doing it). Then, if the user's current directory is /tmp and the
executable file is named as some commonly used program (suc as 'ls'),
the program in /tmp will be executed instead of standard 'ls' when the
user is in /tmp directory. The program will be executed with id ID of
user who wanted to execute 'ls', not the user who created the program -
this can have several security consequences.
However, I think that the presence of the ability to execute programs in
/tmp without other security weaknesses, such as '.' in PATH will not
make the system vulnerable to attacks.

Alexey Fadyushin
Brainbench MVP for Linux.
http://eee.brainbench.com




More information about the redhat-list mailing list