From owner-cvs-src@FreeBSD.ORG  Sat Oct  9 21:29:56 2004
Return-Path: <owner-cvs-src@FreeBSD.ORG>
Delivered-To: cvs-src@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id 2A73616A4CE; Sat,  9 Oct 2004 21:29:56 +0000 (GMT)
Received: from cell.sick.ru (cell.sick.ru [217.72.144.68])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 6A3CF43D2F; Sat,  9 Oct 2004 21:29:55 +0000 (GMT)
	(envelope-from glebius@freebsd.org)
Received: from cell.sick.ru (glebius@localhost [127.0.0.1])
	by cell.sick.ru (8.12.11/8.12.8) with ESMTP id i99LTqCH009074
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
	Sun, 10 Oct 2004 01:29:53 +0400 (MSD)
	(envelope-from glebius@freebsd.org)
Received: (from glebius@localhost)
	by cell.sick.ru (8.12.11/8.12.11/Submit) id i99LTqTn009073;
	Sun, 10 Oct 2004 01:29:52 +0400 (MSD)
	(envelope-from glebius@freebsd.org)
X-Authentication-Warning: cell.sick.ru: glebius set sender to
	glebius@freebsd.org using -f
Date: Sun, 10 Oct 2004 01:29:52 +0400
From: Gleb Smirnoff <glebius@freebsd.org>
To: Andrea Campi <andrea+freebsd_cvs@webcom.it>
Message-ID: <20041009212952.GA8922@cell.sick.ru>
References: <200410082115.i98LFLMU034965@repoman.freebsd.org>
	<20041009153916.GA2003@webcom.it>
Mime-Version: 1.0
Content-Type: text/plain; charset=koi8-r
Content-Disposition: inline
In-Reply-To: <20041009153916.GA2003@webcom.it>
User-Agent: Mutt/1.5.6i
cc: cvs-src@freebsd.org
cc: src-committers@freebsd.org
cc: cvs-all@freebsd.org
Subject: Re: cvs commit: src/lib/libc/gen syslog.c
X-BeenThere: cvs-src@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: CVS commit messages for the src tree <cvs-src.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-src>,
	<mailto:cvs-src-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-src>
List-Post: <mailto:cvs-src@freebsd.org>
List-Help: <mailto:cvs-src-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-src>,
	<mailto:cvs-src-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 09 Oct 2004 21:29:56 -0000

On Sat, Oct 09, 2004 at 05:39:17PM +0200, Andrea Campi wrote:
A> Unless I'm missing something, this would make the calling application
A> loop for an unbounded time (potentially forever), thus making the DoS
A> even more effective. Personally, I've never thought of syslog as a
A> reliable service, and I'm quite sure I prefer to lose messages but
A> keep my apps running than the opposite. If an application needs a
A> failsafe logging mechanism, chances are it will use something else
A> anyway.

Not forever. Actually this change can make applications work slower,
when syslogd is DoSed. Anyway when an attacker is flooding syslog with
messages your machine is _already_ slower, since syslogd consumes
all CPU and IO resources.

-- 
Totus tuus, Glebius.
GLEBIUS-RIPN GLEB-RIPE