Date:      Sat, 22 Aug 1998 09:07:20 -0400 (EDT)
From:      Robert Watson <robert@cyrus.watson.org>
To:        Dima Ruban <dima@best.net>
Cc:        Garrett Wollman <wollman@khavrinen.lcs.mit.edu>, jkh@time.cdrom.com, security@FreeBSD.ORG
Subject:   Re: Scaring the bezeesus out of your system admin as a normal user:
Message-ID:  <Pine.BSF.3.96.980822090616.392C-100000@fledge.watson.org>
In-Reply-To: <199808211637.JAA25475@burka.rdy.com>

On Fri, 21 Aug 1998, Dima Ruban wrote:

> Garrett Wollman writes:
> > <<On Fri, 21 Aug 1998 00:02:54 -0700, "Jordan K. Hubbard" <jkh@time.cdrom.com> said:
> > 
> > > % logger -p auth.notice -t su crackman to root on ttyp1
> > > I'd suggest that /var/run/log should have 0600 permissions but that
> > > would certainly screw over a few of syslog(3)'s current users.
> > 
> > > Hmmmm.  No quick ideas here. :)
> > 
> > It would be fairly simple for us to simply pass the user's credentials
> > along with the message, and then have syslogd differentiate.
> 
> I don't think it will solve the problem. Sending a log message doesn't require
> any special privileges, so if you'll force logger to send user credentials,
> someone can simply write a program that will go around it.

It would solve the problem if you *required* that credentials be passed
with log messages before accepting them.  Add credential passing to the
syslog library, etc.


  Robert N Watson 

Carnegie Mellon University            http://www.cmu.edu/
TIS Labs at Network Associates, Inc.  http://www.tis.com/
SafePort Network Services             http://www.safeport.com/
robert@fledge.watson.org              http://www.watson.org/~robert/
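The scheme discussed above, as an added example that is not code from this thread or from FreeBSD's syslogd: a syslogd-style receiver that takes the sender's identity from the kernel rather than from the message text, and refuses records that arrive without credentials. It assumes Linux, where setting SO_PASSCRED on the receiving AF_UNIX socket makes the kernel attach SCM_CREDENTIALS (pid, uid, gid) to every datagram regardless of what the sender does (FreeBSD's counterpart is the LOCAL_CREDS option and SCM_CREDS messages); a datagram socketpair stands in for /var/run/log, and the PRIVILEGED_TAGS policy is constructed for the demo.

```python
# Added example (not code from the FreeBSD thread): a syslogd-style receiver
# that trusts the kernel, not the message text, to say who sent each record.
# Assumption: Linux, where SO_PASSCRED makes the kernel attach SCM_CREDENTIALS
# (pid, uid, gid) to every datagram on an AF_UNIX socket, whether or not the
# sender cooperates. FreeBSD's equivalent is LOCAL_CREDS / SCM_CREDS.
import re
import socket
import struct

UCRED_FMT = "iII"            # struct ucred: pid_t pid; uid_t uid; gid_t gid;
UCRED_LEN = struct.calcsize(UCRED_FMT)

# Constructed policy for the demo: tags an admin acts on, so only uid 0 may
# emit them.
PRIVILEGED_TAGS = {"su", "login", "sshd"}

# Wire format logger(1) produces: "<priority>tag: text",
# priority = facility * 8 + severity.
SYSLOG_RE = re.compile(r"^<(\d{1,3})>([A-Za-z0-9_.-]+)(?:\[\d+\])?: ?(.*)$", re.S)


def parse_message(raw):
    """Split a raw syslog datagram into (facility, severity, tag, text).
    Returns None for anything that does not look like a syslog record."""
    m = SYSLOG_RE.match(raw.decode("utf-8", "replace"))
    if not m:
        return None
    pri = int(m.group(1))
    return pri >> 3, pri & 7, m.group(2), m.group(3)


def decide(cred, raw):
    """Apply the policy suggested in the thread: no credentials, no record;
    a privileged tag is only believed when the kernel says uid 0 sent it.
    Returns (accepted, record), where record is the line written to the log."""
    if cred is None:
        return False, "rejected: datagram carried no kernel credentials"
    pid, uid, gid = cred
    parsed = parse_message(raw)
    if parsed is None:
        return False, "rejected: malformed record from uid=%d pid=%d" % (uid, pid)
    facility, severity, tag, text = parsed
    if tag in PRIVILEGED_TAGS and uid != 0:
        # Keep the evidence, but make the forged tag obvious to the admin.
        return False, "SPOOFED-TAG uid=%d pid=%d claimed tag %r: %s" % (uid, pid, tag, text)
    return True, "%s[pid=%d,uid=%d] fac=%d sev=%d: %s" % (tag, pid, uid, facility, severity, text)


def receive_with_creds(server):
    """Read one datagram plus its SCM_CREDENTIALS ancillary data.
    Returns (cred_or_None, raw_bytes)."""
    raw, ancdata, _flags, _addr = server.recvmsg(4096, socket.CMSG_SPACE(UCRED_LEN))
    cred = None
    for level, ctype, data in ancdata:
        if level == socket.SOL_SOCKET and ctype == socket.SCM_CREDENTIALS:
            cred = struct.unpack(UCRED_FMT, data[:UCRED_LEN])
    return cred, raw


def credential_passing_supported():
    """True where this Python/OS combination exposes the Linux interfaces."""
    return hasattr(socket, "SO_PASSCRED") and hasattr(socket, "SCM_CREDENTIALS")


def deliver(raw):
    """End-to-end demo over a datagram socketpair standing in for /var/run/log.
    Returns (cred, accepted, record), or None where SO_PASSCRED is unavailable."""
    if not credential_passing_supported():
        return None
    client, server = socket.socketpair(socket.AF_UNIX, socket.SOCK_DGRAM)
    try:
        # The receiver asks the kernel for credentials; a sender that bypasses
        # logger(1) and writes to the socket itself still gets its real uid attached.
        server.setsockopt(socket.SOL_SOCKET, socket.SO_PASSCRED, 1)
        client.send(raw)
        cred, got = receive_with_creds(server)
    finally:
        client.close()
        server.close()
    accepted, record = decide(cred, got)
    return cred, accepted, record


if __name__ == "__main__":
    # The record from the thread: priority 37 = auth(4)*8 + notice(5).
    print(deliver(b"<37>su: crackman to root on ttyp1"))
    print(deliver(b"<37>myapp: hello from an unprivileged user"))
```

The point that answers the objection quoted above is where the option is set: the receiver, not the sender, turns on SO_PASSCRED, so a program written to go around logger(1) cannot leave the credentials out or choose what they say; the kernel fills them in from the sending process. Run as an ordinary user, the "su" record is logged as a spoof attempt with the real uid; run as root it is accepted, which is exactly the distinction syslogd could not make from /var/run/log alone.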




