From owner-freebsd-security Wed Sep 6 21:06:35 1995 Return-Path: security-owner Received: (from majordom@localhost) by freefall.freebsd.org (8.6.11/8.6.6) id VAA07426 for security-outgoing; Wed, 6 Sep 1995 21:06:35 -0700 Received: from jli (jli.portland.or.us [199.2.111.1]) by freefall.freebsd.org (8.6.11/8.6.6) with SMTP id VAA07419 for ; Wed, 6 Sep 1995 21:06:32 -0700 Received: from cumulus by jli with uucp (Smail3.1.29.1 #3) id m0sqYDv-0001bLC; Wed, 6 Sep 95 21:05 PDT Message-Id: To: freebsd-security@freebsd.org Subject: syslogd as root? References: <199509061955.MAA12996@precipice.shockwave.com> In-reply-to: Your message of Wed, 06 Sep 1995 12:55:57 PDT. <199509061955.MAA12996@precipice.shockwave.com> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-ID: <8071.810443422.1@cloud.rain.com> Date: Wed, 06 Sep 1995 20:10:23 -0700 From: Bill Trost Sender: security-owner@freebsd.org Precedence: bulk Paul Traina writes: From: Bill Trost Require that files specified in syslog.conf be writeable by user syslog, and put user syslog in group tty (to handle broadcasts to all users), and syslogd can setuid to syslog as soon as it has its sockets open. If your disk fills up, you want syslog to be able to operate until it goes to 110%. Unless you run as root or modify the kernel, you lose. Or unless you run tunefs on the partition(s) containing the log files (thereby allowing anyone to fill up the partition(s) syslog writes to -- as if they can't already). Nits aside, I can't decide whether letting syslogd "really" fill up the disk is a win or not. Certainly from a security standpoint (what was the name of this mailing list again? (-: ) there is little difference, given that syslogd is vulnerable to spam attacks. So -- why do I want syslogd to be capable of completely filling the disk?