Date: Mon, 20 Mar 2000 21:15:47 -0800 (PST) From: Doug Barton <Doug@gorean.org> To: Nick Johnson <freebsd@spatula.net> Cc: arch@freebsd.org Subject: Re: syslogd_flags in /etc/defaults/rc.conf Message-ID: <Pine.BSF.4.21.0003202111520.61921-100000@dt051n0b.san.rr.com> In-Reply-To: <Pine.BSF.4.21.0003200935140.25240-100000@web2.sea.nwserv.com>
next in thread | previous in thread | raw e-mail | index | archive | help
This is really the kind of discussion that should take place on
arch, unless someone changed their mind again. :)
On Mon, 20 Mar 2000, Nick Johnson wrote:
> I'm curious to see if anyone is like-minded with me that syslogd_flags in
> /etc/defaults/rc.conf should be "-ss" instead of "". I reasoned that it
> should be, considering:
>
> 1. Most people don't direct syslogs at other machines in my experience.
1a. The people that do know how to change the flags.
> 2. Someone could conceivably DOS a machine by directing tons of crap at
> port 121, which is also noted in the BUGS section of the syslogd
> manpage.
Seen it happen, not pretty. My customer asked me why freebsd
shipped with this vulnerability enabled. I had no answer.
> 3. Syslogd runs as root, and while it is a mature piece of code, I think
> it preferable to minimize the number of root applications listening
> on sockets.
I would further propose that the flags be -ssvv, which would go a
long ways toward teaching new system administrators what is logged where,
and why.
Thanks for the great suggestion,
Doug
--
"While the future's there for anyone to change, still you know it seems,
it would be easier sometimes to change the past"
- Jackson Browne, "Fountain of Sorrow"
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0003202111520.61921-100000>