Hi, Recently I've seen multiple issues related to new file creation by logrotate(8). A race condition described by [1], between creation of a new file and setting file permissions and acl(5). Another I came across in ndjbdns [2], as it continued to write to an open, but rotated log file.
Wouldn't it be better to make 'copytruncate' as default behaviour for logrotate(8)? Instead of renaming an old file and creating a new one. [1] https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1098 [2] https://github.com/pjps/ndjbdns/commit/be5fd0c90376b5c89e5b5dc3d57f64d905afe519 Thank you. --- Regards -Prasad http://feedmug.com -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
