From owner-freebsd-security Fri Aug 21 12:16:02 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id MAA18468 for freebsd-security-outgoing; Fri, 21 Aug 1998 12:16:02 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from pobox.com (jaresh-58.mdm.mke.execpc.com [169.207.81.186]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id MAA18409 for ; Fri, 21 Aug 1998 12:15:58 -0700 (PDT) (envelope-from hamilton@pobox.com) Message-Id: <199808211915.MAA18409@hub.freebsd.org> Received: (qmail 27011 invoked from network); 21 Aug 1998 14:19:00 -0500 Received: from localhost (HELO pobox.com) (127.0.0.1) by localhost with SMTP; 21 Aug 1998 14:19:00 -0500 To: Garrett Wollman cc: dima@best.net, jkh@time.cdrom.com, security@FreeBSD.ORG Subject: Re: Scaring the bezeesus out of your system admin as a normal user: In-reply-to: Your message of "Fri, 21 Aug 1998 12:38:59 EDT." <199808211638.MAA15257@khavrinen.lcs.mit.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Fri, 21 Aug 1998 14:19:00 -0500 From: Jon Hamilton Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org In message <199808211638.MAA15257@khavrinen.lcs.mit.edu>, Garrett Wollman wrote : } <> It would be fairly simple for us to simply pass the user's credentials } >> along with the message, and then have syslogd differentiate. } } > I don't think it will solve the problem. Sending log message doesn't requir } e } > any special priveleges, so if you'll force logger to send user credentials, } > someone can simply write a program that will go around it. } } You missed the point. Credentials passed over PF_LOCAL sockets are by } design unforgeable. That doesn't address remote logging, however. -- Jon Hamilton hamilton@pobox.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message