Unix/Linux Go Back    


Security Discuss UNIX and Linux computer and network security, cyber security, cyber attacks, IT security, and more.

Best practice to allow 3rd party app to read messages file.

Security


Tags
chmod, setfacl

Closed    
 
Thread Tools Search this Thread Display Modes
    #1  
Old Unix and Linux 06-01-2016
slwiley slwiley is offline
Registered User
 
Join Date: Jun 2016
Last Activity: 21 June 2016, 10:55 AM EDT
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
Best practice to allow 3rd party app to read messages file.

What is the best practice to allow a 3rd party health monitoring app to read the messages file. Since messages is a system file and is owned by root the app cannot read the file. I don't want to run the app as root so how should I allow the app to read the file. The read function is actually built into the apps binary so its not using /bin/view or /bin/more to read messages which I believe stops me from being able to add the permissions in the sudoers file.

Any thoughts or suggestions are greatly appreciated. Thanks.
Sponsored Links
    #2  
Old Unix and Linux 06-01-2016
Peasant's Unix or Linux Image
Peasant Peasant is offline Forum Advisor  
Registered User
 
Join Date: Mar 2011
Last Activity: 19 February 2017, 1:16 PM EST
Posts: 1,023
Thanks: 28
Thanked 285 Times in 255 Posts
What is your operating system ?

Most of modern unix and linux operating systems support ACLs.
Add the extra privilege to certain user(s) and/or groups only (the one who is running the monitoring client on same machine).
Depending on the operating system, this is done with setfacl or chmod (on solaris systems).

Hope that helps
Best regards
Peasant.
Sponsored Links
    #3  
Old Unix and Linux 06-01-2016
MadeInGermany MadeInGermany is offline Forum Advisor  
Registered User
 
Join Date: May 2012
Last Activity: 19 February 2017, 8:36 PM EST
Location: Simplicity
Posts: 3,408
Thanks: 262
Thanked 1,123 Times in 1,018 Posts
I would simply make the /var/log/messages world-readable.
This is traditional Unix standard, and works unless you have an application that logs sensitiv data. (And in this case the application should be fixed.)
Settings an ACL might fail e.g. after a logfile rotation.
Sponsored Links
Closed

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Linux More UNIX and Linux Forum Topics You Might Find Helpful
Thread Thread Starter Forum Replies Last Post
No such file or directory for 3rd party software larry burns Shell Programming and Scripting 0 02-15-2015 05:55 PM
Problem compiling 3rd party g++ program motrax UNIX for Dummies Questions & Answers 1 03-08-2012 03:43 PM
3rd Party Utilities to read Syslog ratrahan AIX 0 12-14-2005 01:57 PM
How to pass variables to 3rd party unix menu? ctcuser Shell Programming and Scripting 3 02-21-2005 03:30 PM
root cron was override w/ 3rd party software kupal UNIX for Dummies Questions & Answers 2 07-04-2002 12:55 AM



All times are GMT -4. The time now is 10:16 PM.