From owner-freebsd-security  Fri Jan  8 08:10:31 1999
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id IAA12145
          for freebsd-security-outgoing; Fri, 8 Jan 1999 08:10:31 -0800 (PST)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from ns1.yes.no (ns1.yes.no [195.204.136.10])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id IAA12110
          for <freebsd-security@FreeBSD.ORG>; Fri, 8 Jan 1999 08:10:23 -0800 (PST)
          (envelope-from eivind@bitbox.follo.net)
Received: from bitbox.follo.net (bitbox.follo.net [195.204.143.218])
	by ns1.yes.no (8.9.1a/8.9.1) with ESMTP id RAA04544;
	Fri, 8 Jan 1999 17:09:51 +0100 (CET)
Received: (from eivind@localhost)
	by bitbox.follo.net (8.8.8/8.8.6) id RAA09051;
	Fri, 8 Jan 1999 17:09:51 +0100 (MET)
Message-ID: <19990108170950.L348@follo.net>
Date: Fri, 8 Jan 1999 17:09:50 +0100
From: Eivind Eklund <eivind@FreeBSD.ORG>
To: Guido van Rooij <guido@gvr.org>, Vadim Kolontsov <vadim@tversu.ru>,
        Don Lewis <Don.Lewis@tsc.tdk.com>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: kernel/syslogd hack
References: <vadim@tversu.ru> <199901060039.QAA13314@salsa.gv.tsc.tdk.com> <19990106094701.A28727@tversu.ru> <19990107214242.A1721@gvr.org> <19990108141005.F348@follo.net> <19990108165225.A1603@gvr.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.93.2i
In-Reply-To: <19990108165225.A1603@gvr.org>; from Guido van Rooij on Fri, Jan 08, 1999 at 04:52:25PM +0100
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Fri, Jan 08, 1999 at 04:52:25PM +0100, Guido van Rooij wrote:
> On Fri, Jan 08, 1999 at 02:10:05PM +0100, Eivind Eklund wrote:
> > I think we need to fix the interface here; forcing the client to 'give
> > ID' is IMO bad for security (it is somewhat good for privacy,
> 
> So make an option to syslogd: accept old style (unauthenticated) messages.
> If you remove that option, only authenticated mesages will come through.
> That way, you dont need to change the name of syslog(2) and you
> still get all the desired functionality. 

I was thinking of re-writing the API for SS_CRED, not for syslog.
This is somewhat bad for privacy, but it is extremely good for being
able to track attacks.

Eivind.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message