From owner-freebsd-security  Wed Sep  6 17:48:04 1995
Return-Path: security-owner
Received: (from majordom@localhost)
          by freefall.freebsd.org (8.6.11/8.6.6) id RAA01061
          for security-outgoing; Wed, 6 Sep 1995 17:48:04 -0700
Received: from gate.sinica.edu.tw (gate.sinica.edu.tw [140.109.14.2])
          by freefall.freebsd.org (8.6.11/8.6.6) with SMTP id RAA01053
          for <freebsd-security@freebsd.org>; Wed, 6 Sep 1995 17:47:59 -0700
Received: by gate.sinica.edu.tw (5.x/SMI-SVR4)
	id AA27853; Thu, 7 Sep 1995 08:44:50 +0800
Date: Thu, 7 Sep 1995 08:44:50 +0800 (CST)
From: Brian Tao <taob@gate.sinica.edu.tw>
To: Bill Trost <trost@cloud.rain.com>
Cc: freebsd-security@freebsd.org
Subject: Re: Do we *really* need logger(1)? 
In-Reply-To: <m0sqPDt-00004yC@cloud.rain.com>
Message-Id: <Pine.SOL.3.91.950907083820.22792E-100000@gate>
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: security-owner@freebsd.org
Precedence: bulk

On Wed, 6 Sep 1995, Bill Trost wrote:
> 
> Logger requires no special permissions to run; anyone can run such a
> program.  Better yet, anyone could run such a program anywhere on the
> Internet, so syslogd(8) can also be used as a remote disk-filling
> service.  (And, since it's UDP-based, you can't tcp-wrap it...).

    syslog() and syslogd are the real problems.  What use is there for a
syslog service on port 514?  I don't see why it should even bother listening
to a network port.  It should only accept input from /dev/[k]log. 
--
Brian ("Though this be madness, yet there is method in't") Tao
taob@gate.sinica.edu.tw <-- work ........ play --> taob@io.org