I have this problem and would like to see the best practices in the industry.
I am writing software that uses an open source logging library. One of the features of this library is the ability to create rotating log files. For example, if the max log size is 2GB, then when the limit is reached, a new file is created and the old one is renamed.
My application has to run as root, because it requires access to lower range port numbers. As a consequence, the logs that are being created by the application can only be read by the root user.
I would like the logs to be readable by any user and not just by the root user. How can I achieve this? Is there an industry standard to tackle this issue?
Answer
It is possible to give a non-root process specific admin privileges — like the ability to bind to privileged ports. This is far more secure than the all-or-nothing approach of simply running an application as the root user, and is considered a better solution.
In this case, you would want to give it the CAP_NET_BIND_SERVICE capability. This answer is a good starting point for how to do that.
The main two ways to do this seem to be:
- Create a setuid wrapper program which runs as root, and drops all capabilities except the ones you need, and then exec the actual program
- Use setcap to set the capabilities of an executable on a single system.
For more information about capabilities, run the following command from a Linux terminal
$ man 7 capabilities
or, visit this site: http://linux.die.net/man/7/capabilities
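The "drop all capabilities except the ones you need" step from the wrapper approach above, as an added example that is not part of the original answer. It uses the raw capget/capset syscalls so it builds without libcap; the function names are hypothetical, and the exec of the real program is left out.

```c
#define _GNU_SOURCE
#include <linux/capability.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/syscall.h>
#include <unistd.h>

/* Read this process's capability sets via the raw syscall. */
static int read_caps(struct __user_cap_data_struct data[2]) {
    struct __user_cap_header_struct hdr = { _LINUX_CAPABILITY_VERSION_3, 0 };
    return (int)syscall(SYS_capget, &hdr, data);
}

/* Effective capability set as a 64-bit mask, or UINT64_MAX on error. */
uint64_t effective_caps(void) {
    struct __user_cap_data_struct d[2];
    if (read_caps(d) != 0) return UINT64_MAX;
    return ((uint64_t)d[1].effective << 32) | d[0].effective;
}

/* Remove every capability except `keep` from the permitted, effective and
 * inheritable sets. It only clears bits, so it succeeds whether or not the
 * process currently holds `keep` (root or unprivileged). */
int drop_all_caps_except(int keep) {
    struct __user_cap_header_struct hdr = { _LINUX_CAPABILITY_VERSION_3, 0 };
    struct __user_cap_data_struct d[2];
    if (read_caps(d) != 0) return -1;
    for (int i = 0; i < 2; i++) {
        uint32_t mask = (keep / 32 == i) ? (1u << (keep % 32)) : 0;
        d[i].permitted &= mask;
        d[i].effective &= mask;
        d[i].inheritable &= mask;
    }
    return (int)syscall(SYS_capset, &hdr, d);
}

int main(void) {
    printf("effective before: %#llx\n", (unsigned long long)effective_caps());
    if (drop_all_caps_except(CAP_NET_BIND_SERVICE) != 0) {
        perror("capset");
        return 1;
    }
    /* At most bit 10 (CAP_NET_BIND_SERVICE) remains set from here on. */
    printf("effective after:  %#llx\n", (unsigned long long)effective_caps());
    return 0;
}
```
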