Date: Mon, 20 Mar 2000 21:15:47 -0800 (PST)
From: Doug Barton <Doug@gorean.org>
To: Nick Johnson <freebsd@spatula.net>
Cc: arch@freebsd.org
Subject: Re: syslogd_flags in /etc/defaults/rc.conf
Message-ID: <Pine.BSF.4.21.0003202111520.61921-100000@dt051n0b.san.rr.com>
In-Reply-To: <Pine.BSF.4.21.0003200935140.25240-100000@web2.sea.nwserv.com>

This is really the kind of discussion that should take place on arch, unless someone changed their mind again. :)

On Mon, 20 Mar 2000, Nick Johnson wrote:

> I'm curious to see if anyone is like-minded with me that syslogd_flags in
> /etc/defaults/rc.conf should be "-ss" instead of "". I reasoned that it
> should be, considering:
>
> 1. Most people don't direct syslogs at other machines in my experience.

1a. The people that do know how to change the flags.

> 2. Someone could conceivably DOS a machine by directing tons of crap at
> port 121, which is also noted in the BUGS section of the syslogd
> manpage.

Seen it happen, not pretty. My customer asked me why freebsd shipped with this vulnerability enabled. I had no answer.

> 3. Syslogd runs as root, and while it is a mature piece of code, I think
> it preferable to minimize the number of root applications listening
> on sockets.

I would further propose that the flags be -ssvv, which would go a long ways toward teaching new system administrators what is logged where, and why.

Thanks for the great suggestion,

Doug
-- 
"While the future's there for anyone to change, still you know it seems,
it would be easier sometimes to change the past"

- Jackson Browne, "Fountain of Sorrow"
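
A check for the setting discussed in this thread, as an added example that is not part of the original messages or of FreeBSD's own scripts: it resolves the effective syslogd_flags from rc.conf-style files (a later file overrides an earlier one) and classifies the result by how many times -s is given. It assumes syslogd's documented behaviour that one -s ignores remote messages and a second -s opens no network socket; the function names, the list of argument-taking options in the getopts string, and the sample files are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the effective syslogd_flags for network exposure.

# effective_flags FILE...: rc.conf files are sh fragments read in order,
# so source them in a subshell and print the last value assigned.
effective_flags() {
    (
        syslogd_flags=""
        for f in "$@"; do
            [ -r "$f" ] && . "$f"
        done
        printf '%s\n' "$syslogd_flags"
    )
}

# count_s FLAGS: count -s occurrences, including clusters such as -ssvv.
# Options listed with ':' are assumed to take an argument, so a path given
# to -f is not mistaken for flag letters.
count_s() {
    (
        set -f; set -- $1      # deliberate word splitting, no globbing
        OPTIND=1; n=0
        while getopts ':sa:b:f:l:m:O:P:p:S:' opt "$@"; do
            case $opt in s) n=$((n + 1)) ;; esac
        done
        echo "$n"
    )
}

# classify FLAGS: listening = socket open and remote messages accepted,
# secure = remote messages ignored, closed = no network socket at all.
classify() {
    case $(count_s "$1") in
        0) echo listening ;;
        1) echo secure ;;
        *) echo closed ;;
    esac
}

demo() {
    dir=$(mktemp -d) || return 1
    # Constructed stand-ins for /etc/defaults/rc.conf and /etc/rc.conf.
    printf 'syslogd_enable="YES"\nsyslogd_flags=""\n' > "$dir/defaults.conf"
    printf 'syslogd_flags="-ssvv"\n' > "$dir/rc.conf"
    echo "defaults only: $(classify "$(effective_flags "$dir/defaults.conf")")"
    echo "with override: $(classify "$(effective_flags "$dir/defaults.conf" "$dir/rc.conf")")"
    rm -rf "$dir"
}
demo
```

On a real host, pass /etc/defaults/rc.conf and /etc/rc.conf to effective_flags; the files are sourced as shell, exactly as the rc system reads them.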