I just came across the pgsql script for the ulogd2 daemon supplied with the latest sources and since I intend to deploy it (upgrading my system from syslog-ng) I thought to ask about a couple of ideas I have.
As I see it, the script does not have any security/permission policies created or implemented. Is such feature planned?
If not, I think I have enough PostgreSQL experience and could alter that script to include such implementation, though I might need help with the NFLOG/ULOGD2 part as I am fairly new to this.
The idea I have is that the ulogd2 daemon should only be allowed INSERT permissions (nothing else) to the log tables, so that even if someone is able to hijack the ulogd2 connection to PostgreSQL somehow, they won't be able to see what has been logged, let alone alter it or delete it.
For certain views, I am sure there is a need for SELECT permission and for others there would even be a need for USAGE or REFERENCES privileges.
I tried to email the author of that script (Pierre - chifflier@xxxxxx), but my emails are not getting through for some reason. Thanks!
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
