Contributed by jose on from the safer-PF-logging dept.
http://marc.theaimsgroup.com/?l=openbsd-cvs&m=106684950032748&w=2 Log message: privilege seperated pflogd _pflogd user and group must be created for proper operation.
Note that you'll have to add a _pflogd user to use this right, but other than that you're all set. Thanks, guys.
(Comments are closed)
By gwyllion () on
By FenderQ () on
The kernel changes to bpf.h and bpf.c?
Cool feature though..... Nice work. :-)
Comments
By Can Erkin Acar () on
Comments
By FenderQ () on
Thanks again for resolving that so quick.
By Anonymous Coward () on
Comments
By Anonymous Coward () on
Shipping a base system systraced isnt that easy.
By schubert () on http://schubert.cx/
By Petr R. () pruzicka@openbsd.cz on http://www.openbsd.cz
By tedu () on
Comments
By djm () on
It won't stop an exploit in the monitor though. While the privsep child itsn't likely to be calling exec in /ver/empty, it might try to create and bind sockets to scan or attack one's network. systrace could help here.
IIRC the folks at monkey.org have a good sshd systrace policy. I have never used it though, but I do use systrace for things like rsync - which I don't fully trust.
Comments
By Anil () avsm@ on mailto:avsm@