From owner-freebsd-security  Tue Aug 25 10:31:52 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id KAA00618
          for freebsd-security-outgoing; Tue, 25 Aug 1998 10:31:52 -0700 (PDT)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from dt053nb4.san.rr.com (dt053nb4.san.rr.com [204.210.34.180])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id KAA00606
          for <freebsd-security@FreeBSD.ORG>; Tue, 25 Aug 1998 10:31:48 -0700 (PDT)
          (envelope-from Studded@dal.net)
Received: from dal.net (Studded@localhost [127.0.0.1])
	by dt053nb4.san.rr.com (8.8.8/8.8.8) with ESMTP id KAA05846;
	Tue, 25 Aug 1998 10:30:53 -0700 (PDT)
	(envelope-from Studded@dal.net)
Message-ID: <35E2F4CC.5820504D@dal.net>
Date: Tue, 25 Aug 1998 10:30:52 -0700
From: Studded <Studded@dal.net>
Organization: Triborough Bridge & Tunnel Authority
X-Mailer: Mozilla 4.06 [en] (X11; I; FreeBSD 2.2.7-STABLE-0823 i386)
MIME-Version: 1.0
To: Archie Cobbs <archie@whistle.com>
CC: hart@iserver.com, freebsd-security@FreeBSD.ORG
Subject: Re: Scaring the bezeesus out of your system admin as a normal user:
References: <199808250220.TAA17312@bubba.whistle.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Archie Cobbs wrote:
> 
> Paul Hart writes:
> > This is kind of a related question, but in 2.2.7-RELEASE syslogd appears
> > to have been modified to bind to its UDP port even if it is run with the
> > -s flag.  It does discard packets received on the port (but still logs a
> > message about it!), but should it not even bind to the port when running
> > in secure mode?  It didn't bind to the port in previous versions, if
> > memory serves.
> >
> > If this was a recent design decision that is meant to last, I think I will
> > hack my syslogd back to the way it used to be.
> 
> If you do, send it in with send-pr... this behavior seems kindof silly.

	This was discussed several months ago (check the archives for -Stable I
think), but my understanding was that it was decided ultimately NOT to
bind the port otherwise I would have made more noise about it myself. 

Doug
-- 
***           Chief Operations Officer, DALnet IRC network          ***

When you don't know where you're going, every road will take you there.
     - Yiddish Proverb

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message