Date: Thu, 26 May 2016 23:06:32 +0700
From: Eugene Grosbein <eugen@grosbein.net>
To: freebsd-net@freebsd.org
Cc: Chris Hutchinson <portmaster@bsdforge.com>
Subject: Re: [Bug 166255] [net] [patch] It should be possible to disable "promiscuous mode enabled" messages
Message-ID: <57471F08.1080908@grosbein.net>
In-Reply-To: <bug-166255-2472-dwiwYgcnBC@https.bugs.freebsd.org/bugzilla/>
References: <bug-166255-2472@https.bugs.freebsd.org/bugzilla/> <bug-166255-2472-dwiwYgcnBC@https.bugs.freebsd.org/bugzilla/>

Moving this to net@ per request.

> https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=166255
>
> --- Comment #26 from Chris Hutchinson <portmaster@bsdforge.com> ---
> (In reply to eugen from comment #25)
>> Default system behaviour is not changed. Reboot is required to disable
>> logging after a change to loader.conf. So, no patching should be required to
>> stay safe.
>
> I understand that. I also agree with you that syslog(3) is not an
> ideal option, either. But as it stands, this new "switch" is still
> a security risk -- it opens a potential "backdoor", however unlikely
> some feel it might be. I'm just not sure that the need, outweighs
> the risk. Is there /really/ no other possible solution. Must a
> decision on this be made right now? Or could more time be given,
> in hopes a better solution might be found?
>
> Lastly, I know status of this bug is essentially "closed",
> and I apologize for responding so late. I would have responded
> earlier. But I was sure a patch in this direction, would have
> been rejected.

The PR and patch make it possible to not log "promisc. mode changed" messages.
In short, you insist that it should NOT be possible to disable those logs
in any way, right?

Eugene Grosbein