diff options
author | jim-p <jimp@pfsense.org> | 2013-01-10 14:01:42 -0500 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2013-01-10 14:01:42 -0500 |
commit | 526102c1f665eb39853be9d6acf151c4ecfcc3ae (patch) | |
tree | 74c9c1354af125552c0268f3dd3db81b8ddd4b85 | |
parent | fbc723b110f739b8326815cd5d01f8bb773229c0 (diff) | |
download | pfsense-526102c1f665eb39853be9d6acf151c4ecfcc3ae.zip pfsense-526102c1f665eb39853be9d6acf151c4ecfcc3ae.tar.gz |
Put syslogd into secure mode so no remote log messages are accepted. Sending to a remote syslog server still works with this option.
-rw-r--r-- | etc/inc/system.inc | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/etc/inc/system.inc b/etc/inc/system.inc index 8b71096..8dc00de 100644 --- a/etc/inc/system.inc +++ b/etc/inc/system.inc @@ -688,10 +688,10 @@ EOD; if (!is_dir("{$g['dhcpd_chroot_path']}/var/run")) exec("/bin/mkdir -p {$g['dhcpd_chroot_path']}/var/run"); - $retval = mwexec_bg("/usr/sbin/syslogd -c -c -l {$g['dhcpd_chroot_path']}/var/run/log -f {$g['varetc_path']}/syslog.conf"); + $retval = mwexec_bg("/usr/sbin/syslogd -s -c -c -l {$g['dhcpd_chroot_path']}/var/run/log -f {$g['varetc_path']}/syslog.conf"); } else { - $retval = mwexec_bg("/usr/sbin/syslogd -c -c -l {$g['dhcpd_chroot_path']}/var/run/log"); + $retval = mwexec_bg("/usr/sbin/syslogd -s -c -c -l {$g['dhcpd_chroot_path']}/var/run/log"); } if ($g['booting']) |