logging to a pipe?

Jim Reid jim at rfc1035.com
Sun Aug 29 09:29:55 UTC 2004


>>>>> "Marten" == Marten Lehmann <lehmann at cnm.de> writes:

    Marten> Btw.: I heard from some experienced
    Marten> c-programmer, that the pipe-option in logging isn't that
    Marten> hard, it should be no more than a popen()

Well since it's that easy, just contribute the code....

Perhaps you asked this C programmer the wrong question. If not, find
yourself a better C programmer and take advice from him/her. No
sensible programmer uses the popen() and system() library functions
because they provide a vector for security compromises. [These
routines fork a shell, so it's possible to do interesting things with
environment variables -- for instance the search path -- so that the
forked shell does unexpected things.] A competent C programmer will
know this and use the pipe() system call instead. IIRC popen() isn't
even in the ANSI C specification.

Besides, the question isn't whether providing some sort of logging to
a pipe is a hard programming exercise or not. Because it isn't hard.
The real questions are (a) is implementing this a worthwhile use of
ISC's resources? (b) does this feature serve any useful purpose? and
(c) is the additional complexity worth it? IMO the answer to these
questions is clearly "no". As others have already pointed out, there
are a number of ways for you to get the functionality you seem to be
looking for without having BIND provide logging to a pipe.

Another point you have to remember is BIND9 runs on lots of platforms.
Some of them aren't even UNIX. It could be running on an OS that
doesn't have popen() or pipe(). Or the semantics of these functions on
those platforms are so weird that using them creates horrible
portability problems and makes software maintenance a nightmare.
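
The pipe()-based alternative to popen() that the message refers to, as an added example that is not part of the original post and is not BIND code. The function names are hypothetical, the environment passed to the consumer is a constructed minimal one, and /bin/cat stands in for a log consumer on a POSIX system.

```c
#include <fcntl.h>
#include <signal.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical helper: start an absolute-path consumer with no shell and a
 * fixed environment; returns a write fd wired to its stdin, or -1. */
int open_log_pipe(const char *path, char *const argv[], pid_t *child)
{
    static char *const clean_env[] = { "PATH=/usr/bin:/bin", NULL };
    int fds[2];

    if (path == NULL || path[0] != '/' || pipe(fds) == -1)
        return -1;                        /* never rely on a PATH search */
    if ((*child = fork()) == -1) { close(fds[0]); close(fds[1]); return -1; }
    if (*child == 0) {                    /* child: becomes the consumer */
        close(fds[1]);
        if (fds[0] != STDIN_FILENO) {
            if (dup2(fds[0], STDIN_FILENO) == -1) _exit(127);
            close(fds[0]);
        }
        execve(path, argv, clean_env);    /* caller's environment is not inherited */
        _exit(127);                       /* exec failed */
    }
    close(fds[0]);
    fcntl(fds[1], F_SETFD, FD_CLOEXEC);   /* keep the fd out of later children */
    return fds[1];
}

/* Send one line; returns the consumer's exit status, or -1 on setup failure. */
int log_line_via_pipe(const char *path, const char *line)
{
    char *const argv[] = { (char *)path, NULL };
    pid_t child;
    int fd, status;

    signal(SIGPIPE, SIG_IGN);             /* dead reader gives EPIPE, not a killed daemon */
    if ((fd = open_log_pipe(path, argv, &child)) == -1)
        return -1;
    if (write(fd, line, strlen(line)) == -1) { /* EPIPE: status below explains */ }
    close(fd);                            /* EOF lets the consumer finish */
    if (waitpid(child, &status, 0) == -1 || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}

/* Constructed sample input; /bin/cat echoes it and exits 0. */
int main(void) { return log_line_via_pipe("/bin/cat", "constructed sample log line\n"); }
```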

