From: Victor J. <vi...@nk...> - 2004-12-23 14:00:23
> sorted! Running snort_inline as root (eliminating the '-u snort_inline -g
> snort_inline' from the cmd line in /etc/conf.d/snort_inline) seems to be
> working so far!
>
> I think you are right in the GRSecurity thing because I do utilize the
> randomize PIDs feature.
>
> Are there any downfalls to running snort_inline as root?

As far as I know it's mandatory because root is the only one who can read the queue... Correct me if I'm wrong though... If I recall correctly, in 2.3 we even make sure the command-line options -u and -g are ignored...

Regards,
Victor