Date: Fri, 9 Jul 2010 21:56:22 GMT
From: Jan Schaumann <jschauma@netmeister.org>
To: freebsd-gnats-submit@FreeBSD.org
Subject: misc/148478: syslogd -s still binds port 514
Message-ID: <201007092156.o69LuMJp081598@www.freebsd.org>
Resent-Message-ID: <201007092200.o69M0ELF039204@freefall.freebsd.org>
>Number: 148478
>Category: misc
>Synopsis: syslogd -s still binds port 514
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Fri Jul 09 22:00:13 UTC 2010
>Closed-Date:
>Last-Modified:
>Originator: Jan Schaumann
>Release: FreeBSD 7.2
>Organization:
>Environment:
>Description:
Even if started with the '-s' option, syslogd(8) will still bind to udp port 514. It won't actually log messages sent to it (it's possible it would if the packets had a spoofed source address of 127.0.0.1?), but it shouldn't even bind the port, since I might wish to use that port for another application on the system and I explicitly instructed syslogd to not bind it.
>How-To-Repeat:
/usr/sbin/syslogd -s
netstat -a | grep syslog
>Fix:
--- syslogd.c.orig Fri Jul 9 14:51:11 2010
+++ syslogd.c Fri Jul 9 14:49:41 2010
@@ -2607,10 +2607,12 @@
close(*s);
continue;
}
+ if (!SecureMode) {
if (bind(*s, r->ai_addr, r->ai_addrlen) < 0) {
close(*s);
logerror("bind");
continue;
+ }
}
double_rbuf(*s);
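Review bot: With bind() skipped under if (!SecureMode), the socket in *s is still left open and still reaches double_rbuf(*s), so secure mode keeps an unbound UDP descriptor whose purpose the patch does not explain. If the descriptor is kept only for sending, say so in a comment above the new condition; if it is not needed, skip creating it in secure mode instead of only skipping the bind. The existing bind() block inside the new braces should also be indented one level, so that the added closing brace is not read as the end of the original if.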
>Release-Note:
>Audit-Trail:
>Unformatted:
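The effect the report describes, as an added example (not part of the original message and not code from syslogd.c): a UDP socket that skips bind(2) holds no port, so another program can bind it, while a bound socket makes the second bind fail with EADDRINUSE. The helper names are hypothetical, and a kernel-chosen port stands in for 514, which needs root to bind.

```c
/* Added illustration; not code from syslogd.c. Helper names are hypothetical. */
#include <errno.h>
#include <netinet/in.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Open a UDP socket and bind it to `port` only when do_bind is nonzero.
 * do_bind == 0 models a daemon that creates its socket but skips bind(2).
 * Returns the descriptor, or a negative errno value on failure. */
static int open_udp(unsigned short port, int do_bind)
{
    struct sockaddr_in sin;
    int s = socket(AF_INET, SOCK_DGRAM, 0);

    if (s < 0)
        return -errno;
    if (!do_bind)
        return s;
    memset(&sin, 0, sizeof(sin));
    sin.sin_family = AF_INET;
    sin.sin_addr.s_addr = htonl(INADDR_ANY);
    sin.sin_port = htons(port);
    if (bind(s, (struct sockaddr *)&sin, sizeof(sin)) < 0) {
        int e = errno;
        close(s);
        return -e;
    }
    return s;
}

/* Local port held by socket s; 0 means no port is bound. */
static unsigned short local_port(int s)
{
    struct sockaddr_in sin;
    socklen_t len = sizeof(sin);

    memset(&sin, 0, sizeof(sin));
    return getsockname(s, (struct sockaddr *)&sin, &len) < 0 ? 0 : ntohs(sin.sin_port);
}

/* 1 if a second program can bind the daemon's port, 0 on EADDRINUSE, -1 otherwise. */
int port_free_for_others(int daemon_binds)
{
    int probe = open_udp(0, 1);              /* kernel picks a free test port */
    if (probe < 0) return -1;
    unsigned short port = local_port(probe);
    close(probe);
    int daemon = open_udp(port, daemon_binds);
    if (daemon < 0) return -1;
    int other = open_udp(port, 1);           /* the "other application" */
    if (other >= 0) close(other);
    close(daemon);
    return other >= 0 ? 1 : (other == -EADDRINUSE ? 0 : -1);
}
```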
