Date: Thu, 7 Sep 1995 08:35:48 +0800 (CST) From: Brian Tao <taob@gate.sinica.edu.tw> To: Paul Traina <pst@Shockwave.COM> Cc: freebsd-security@freebsd.org Subject: Re: Do we *really* need logger(1)? Message-ID: <Pine.SOL.3.91.950907082809.22792D-100000@gate> In-Reply-To: <199509061955.MAA12996@precipice.shockwave.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 6 Sep 1995, Paul Traina wrote:
>
> If your disk fills up, you want syslog to be able to operate until it goes to
> 110%. Unless you run as root or modify the kernel, you lose.
No, you want messages created by root-owned processes to fill your disk
to 110% (not that it's a good thing in any case, especially if /var is the
same filesystem as /). What we need is credential checking in the syslog()
call and syslogd daemon. I imagine any ISP that offers shell access and uses
the default syslog.conf is susceptible to a prankster sending *.emerg level
notices and getting syslogd to write "SYSTEM REBOOT, LOG OFF NOW!" to the
ttys of every online user.
--
Brian ("Though this be madness, yet there is method in't") Tao
taob@gate.sinica.edu.tw <-- work ........ play --> taob@io.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.SOL.3.91.950907082809.22792D-100000>