Date: Sun, 11 Jul 1999 19:01:25 +1000 (EST) From: Darren Reed <avalon@coombs.anu.edu.au> To: imp@village.org (Warner Losh) Cc: alla@sovlink.ru, security@FreeBSD.ORG Subject: Re: Syslog alternatives? Message-ID: <199907110901.TAA01580@cheops.anu.edu.au> In-Reply-To: <199907091625.KAA20308@harmony.village.org> from "Warner Losh" at Jul 9, 99 10:25:55 am
next in thread | previous in thread | raw e-mail | index | archive | help
In some mail from Warner Losh, sie said: > > In message <37859B74.7528C158@sovlink.ru> Alla Bezroutchko writes: > : Could someone explain me or point me to some resources that explain > : why syslogd is bad? > > By default, syslogd will accept messages from anybody. DoS > implications in doing that are ignored, so it remains vulnerable to a > fill up the disk attack. Secure switches make it less vulnerable. > > I don't think that there is anything major enough wrong with syslogd > to actually try to replace it. If there are bad things that can > happen when -s is specified, I'd sure like to know about them. Think about the issues with fsync(). I'm looking at ways around it, but without threads, it isn't easy. Darren To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199907110901.TAA01580>