From owner-freebsd-security@FreeBSD.ORG Mon May 26 03:37:08 2014 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 3F5A85B6 for ; Mon, 26 May 2014 03:37:08 +0000 (UTC) Received: from outgoing.tristatelogic.com (segfault.tristatelogic.com [69.62.255.118]) by mx1.freebsd.org (Postfix) with ESMTP id 27E2B2F53 for ; Mon, 26 May 2014 03:37:07 +0000 (UTC) Received: from segfault-nmh-helo.tristatelogic.com (localhost [127.0.0.1]) by segfault.tristatelogic.com (Postfix) with ESMTP id 91C8C3AD92 for ; Sun, 25 May 2014 20:37:07 -0700 (PDT) From: "Ronald F. Guilmette" To: freebsd-security@freebsd.org Subject: NEVERMIND! (was: Local Denial of Service: logger(1)) In-Reply-To: <2091.1401074804@server1.tristatelogic.com> Date: Sun, 25 May 2014 20:37:07 -0700 Message-ID: <2218.1401075427@server1.tristatelogic.com> X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 May 2014 03:37:08 -0000 In message <2091.1401074804@server1.tristatelogic.com>, I wrote: >========================================================================== >#!/bin/sh > >while (1) > dd if=/dev/random bs=15 count=1 | od -c | xargs logger >end >========================================================================== DUH! I forgot that newsyslog(8) should limit the size of /var/log/messages, and that as long as you limit the size of that to a reasnable value, and as long as you have newsyslog(8) only keeping a finite & reasonable number of "rotated out" copies, then /var won't fill up. My apologies to everyone for the distraction.