Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 22 Aug 1998 18:13:28 +1200 (NZST)
From:      Andrew McNaughton <andrew@squiz.co.nz>
To:        "Jan B. Koum " <jkb@best.com>
Cc:        ben@efn.org, Jon Hamilton <hamilton@pobox.com>, Garrett Wollman <wollman@khavrinen.lcs.mit.edu>, dima@best.net, jkh@time.cdrom.com, security@FreeBSD.ORG
Subject:   Re: Shipping syslogd with "-s" (Was: Re: Scaring the bezeesus ..)
Message-ID:  <Pine.BSF.3.96.980822175255.12678A-100000@aniwa.sky>
In-Reply-To: <Pine.BSF.4.02.9808212201490.27345-100000@shell6.ba.best.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Fri, 21 Aug 1998, Jan B. Koum  wrote:

> Date: Fri, 21 Aug 1998 22:04:11 -0700 (PDT)
> From: "Jan B. Koum " <jkb@best.com>
> To: ben@efn.org
> Cc: Jon Hamilton <hamilton@pobox.com>,
>     Garrett Wollman <wollman@khavrinen.lcs.mit.edu>, dima@best.net,
>     jkh@time.cdrom.com, security@FreeBSD.ORG
> Subject: Shipping syslogd with "-s" (Was: Re: Scaring the bezeesus ..)
> 
>       
> 	I vote to have FreeBSD ship syslogd with "-s" by default.
> 
> 	Reason: any user cluefull enough to use and custom config syslog to
> do over the net logging will be cluefull enough to know how to either add
> "-a" or take "-s" out of rc.conf.

>From the syslogd man page I'm not entirely clear on how these options
interact.

>   -a allowed_peer
>         Allow allowed_peer to log to this syslogd using UDP datagrams.
>         Multiple -a options may be specified.

If one has to specify that a host is allowed to log packets to this host,
then it seems reasonable to assume that this is not allowed unless so
specified ... or perhaps that's only the case if -s is used?

>   -s      Operate in secure mode.  Do not listen for log message from
>           remote machines.

I'd have thought that meant syslogd didn't even look at incoming packets
if this was set, which I suppose reduces the chance of some bug turning up
in it ... or perhaps the default is that packets are accepted? 


Could someone clarify this?  Preferably the man page should be clarified. 

Is there a way to send log entries to a remote machine from the command
line so I can more easily test how this works?

Andrew McNaughton


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.980822175255.12678A-100000>