Date: Tue, 12 May 2009 13:54:30 +0100 From: Gavin Atkinson <gavin@FreeBSD.org> To: Dmitry Morozovsky <marck@rinet.ru> Cc: freebsd-current@FreeBSD.org, gad@FreeBSD.org Subject: Re: newsyslog(8) patch for both size and time checks Message-ID: <1242132870.5455.9.camel@buffy.york.ac.uk> In-Reply-To: <alpine.BSF.2.00.0905121354450.1756@woozle.rinet.ru> References: <alpine.BSF.2.00.0905121354450.1756@woozle.rinet.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 2009-05-12 at 13:59 +0400, Dmitry Morozovsky wrote: > Dear colleagues, > > for now, if log is configured to be rotated in time manner, its size is not > checked, so /var/log may be DoSed by some service (in our case, it was mad DHCP > client which fills up our /var/log with dhcpd log; our newsyslog.conf line was > > /var/log/dhcpd 640 5 5000 @T00 JC > > The following simple patch should fix the problem. Any objection to commit > this? Short answer: I believe you will find this patch breaks some newsyslog functionality. I can't remember what the problems are, but that patch is pretty similar to my first attempt at fixing the problem too. The patch I ended up creating is at http://people.freebsd.org/~gavin/PRs/100018.diff (and a PR where somebody else requested this functionality is bin/100018). Gavin
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1242132870.5455.9.camel>