Unix/Linux Go Back    


Security Discuss UNIX and Linux computer and network security, cyber security, cyber attacks, IT security, and more.

Best practice to allow 3rd party app to read messages file.

Security


Tags
chmod, setfacl

Closed    
 
Thread Tools Search this Thread Display Modes
    #1  
Old Unix and Linux 06-01-2016
slwiley slwiley is offline
Registered User
 
Join Date: Jun 2016
Last Activity: 21 June 2016, 10:55 AM EDT
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
Best practice to allow 3rd party app to read messages file.

What is the best practice to allow a 3rd party health monitoring app to read the messages file. Since messages is a system file and is owned by root the app cannot read the file. I don't want to run the app as root so how should I allow the app to read the file. The read function is actually built into the apps binary so its not using /bin/view or /bin/more to read messages which I believe stops me from being able to add the permissions in the sudoers file.

Any thoughts or suggestions are greatly appreciated. Thanks.
Sponsored Links
    #2  
Old Unix and Linux 06-01-2016
Peasant's Unix or Linux Image
Peasant Peasant is offline Forum Advisor  
Registered User
 
Join Date: Mar 2011
Last Activity: 30 April 2017, 2:01 AM EDT
Posts: 1,038
Thanks: 29
Thanked 300 Times in 263 Posts
What is your operating system ?

Most of modern unix and linux operating systems support ACLs.
Add the extra privilege to certain user(s) and/or groups only (the one who is running the monitoring client on same machine).
Depending on the operating system, this is done with setfacl or chmod (on solaris systems).

Hope that helps
Best regards
Peasant.
Sponsored Links
    #3  
Old Unix and Linux 06-01-2016
MadeInGermany MadeInGermany is offline Forum Advisor  
Registered User
 
Join Date: May 2012
Last Activity: 30 April 2017, 2:18 AM EDT
Location: Simplicity
Posts: 3,509
Thanks: 274
Thanked 1,164 Times in 1,056 Posts
I would simply make the /var/log/messages world-readable.
This is traditional Unix standard, and works unless you have an application that logs sensitiv data. (And in this case the application should be fixed.)
Settings an ACL might fail e.g. after a logfile rotation.
Sponsored Links
Closed

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Linux More UNIX and Linux Forum Topics You Might Find Helpful
Thread Thread Starter Forum Replies Last Post
No such file or directory for 3rd party software larry burns Shell Programming and Scripting 0 02-15-2015 04:55 PM
Problem compiling 3rd party g++ program motrax UNIX for Dummies Questions & Answers 1 03-08-2012 02:43 PM
3rd Party Utilities to read Syslog ratrahan AIX 0 12-14-2005 12:57 PM
How to pass variables to 3rd party unix menu? ctcuser Shell Programming and Scripting 3 02-21-2005 02:30 PM
root cron was override w/ 3rd party software kupal UNIX for Dummies Questions & Answers 2 07-03-2002 11:55 PM



All times are GMT -4. The time now is 04:57 AM.