Solaris syslog issues... Syslog.pm
Bob Jones
bob.jones at USG.EDU
Thu Aug 28 19:12:35 IST 2003
Hey again. We are implementing MailScanner (going live this afternoon)
on a Solaris 8 box. We ran into the problem of not getting messages
logged to syslog. We look at the FAQ and see you solve this problem by
removing the -t flag. This is troublesome because that flag keeps your
host from accept syslog messages from anywhere, so removing it is a real
security concern.
I've done some investigation and the problem appears to be with the
Syslog.pm module that MailScanner uses. The perl distributed by Sun is
still 5.005_03 and if you look at the syslog.ph files and the syslog.h
files you'll see that _PATH_LOG is not defined and thus with a default
setsocket call from Syslog.pm of unix, it looks for that (on most boxes
defined as /dev/log). I've seen some chatter from searches giving some
"fixes" for Perl 5.6 and above.
So, here's my question. Has anyone out there fixed this issue? Is this
even an issue if you upgrade to the latest version of perl (I imagine it
is since that wouldn't affect your syslog.h files)? Are we forced to
open up this security hole if we want to run MailScanner on Solaris and
get logging?
Thanks for any and all input,
--
Bob Jones
OIIT
The Board of Regents, USG
More information about the MailScanner
mailing list