From owner-freebsd-security Mon Sep 4 02:14:25 1995 Return-Path: security-owner Received: (from majordom@localhost) by freefall.FreeBSD.org (8.6.11/8.6.6) id CAA23809 for security-outgoing; Mon, 4 Sep 1995 02:14:25 -0700 Received: from haywire.DIALix.COM (haywire.DIALix.COM [192.203.228.65]) by freefall.FreeBSD.org (8.6.11/8.6.6) with ESMTP id CAA23767 for ; Mon, 4 Sep 1995 02:13:28 -0700 Received: (from news@localhost) by haywire.DIALix.COM (sendmail) id RAA16320 for freebsd-security@freebsd.org; Mon, 4 Sep 1995 17:11:47 +0800 (WST) Received: from GATEWAY by haywire.DIALix.COM with netnews for freebsd-security@freebsd.org (problems to: usenet@haywire.dialix.com) To: freebsd-security@freebsd.org Date: 4 Sep 1995 17:11:42 +0800 From: peter@haywire.dialix.com (Peter Wemm) Message-ID: <42efse$fts$1@haywire.DIALix.COM> Organization: DIALix Services, Perth, Australia. References: Subject: Re: syslog patches? Sender: security-owner@freebsd.org Precedence: bulk guido@spooky.lss.cp.philips.com (Guido van Rooij) writes: >After the intial posting of Paul Traina's modified syslog I haven't >seen a new attempt yet. I did see a NetBSD solution to the problem >though. My question: is theer any syslog.c that can be incorporated >in the source tree and to 2.1.0? >-Guido Not trying to offend Paul Traina, but I'd prefer to take Eric Allman's one and apply the necessary bandaids to it. But whatever the case, something *has* to go in, because if we ship 2.1 with the buggy version, because of the identical binaries on each system, somebody *will* calculate the offsets and the code to subvert 2.1R. If going with Paul Traina's version is what it takes to get it fixed, I'll gladly put aside my slight preference for Eric's version. Cheers, -Peter