Date: Mon, 22 Jan 2001 21:38:42 -0800
From: "Crist J. Clark" <cjclark@reflexnet.net>
To: Garrett Wollman <wollman@khavrinen.lcs.mit.edu>
Cc: current@FreeBSD.ORG
Subject: Re: excessive paranoia in syslogd(8)?
Message-ID: <20010122213842.O10761@rfx-216-196-73-168.users.reflex>
In-Reply-To: <200101221740.MAA39988@khavrinen.lcs.mit.edu>; from wollman@khavrinen.lcs.mit.edu on Mon, Jan 22, 2001 at 12:40:00PM -0500
References: <20010120224944.I387@bonsai.knology.net> <20010120212039.M10761@rfx-216-196-73-168.users.reflex> <200101221740.MAA39988@khavrinen.lcs.mit.edu>

On Mon, Jan 22, 2001 at 12:40:00PM -0500, Garrett Wollman wrote:
> <<On Sat, 20 Jan 2001 21:20:39 -0800, "Crist J. Clark" <cjclark@reflexnet.net> said:
>
> > If you want to or need to use network sockets,
>
> >   # syslogd -a localhost
>
> > Should provide the behavior you want.
>
> I.e., no security whatsoever.

Well, yeah, it's syslogd(8) and as the manpage says,

  BUGS
       The ability to log messages received in UDP packets is equivalent to
       an unauthenticated remote disk-filling service...

However, doing 'syslogd -a localhost' should really not be much worse
than 'syslogd -s' or '-ss'. In all three cases, a local user can nail
you. The only risk I see is 127.0.0.1 being forced in from the LAN,
and even then, I can't recall if FreeBSD will ever accept loopback
numbers coming in a non-loopback interface. And that still is only
local net, 127/8 packets aren't going to be routed.
-- 
Crist J. Clark                           cjclark@alum.mit.edu