Date: Tue, 11 Feb 2003 15:06:09 +0300 (MSK)
From: Yar Tikhiy <yar@FreeBSD.org>
To: FreeBSD-gnats-submit@FreeBSD.org
Subject: conf/48170: LOG_AUTHPRIV messages disclosed due to default syslog.conf
Message-ID: <200302111206.h1BC69U7026643@stylish.chem.msu.su>

>Number: 48170
>Category: conf
>Synopsis: LOG_AUTHPRIV messages disclosed due to default syslog.conf
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Tue Feb 11 04:10:10 PST 2003
>Closed-Date:
>Last-Modified:
>Originator: Yar Tikhiy
>Release: FreeBSD 5.0-RELEASE i386
>Organization:
Moscow State University
>Environment:
This problem exists in both STABLE and CURRENT.
>Description:
The syslog(3) facility LOG_AUTHPRIV is intended to hide log messages
that should not be seen by ordinary users by sending such messages
to a separate, protected log file. For instance, login(1) drops two
messages per invalid login attempt, one to LOG_AUTH and the other
to LOG_AUTHPRIV. The latter includes the username attempted, which
may happen to be a password typed at the wrong prompt, so nobody but
the sysadmins should see it.

At the same time, default syslog.conf(5) sends *.notice to
/var/log/messages, while LOG_NOTICE is the level used for messages
about invalid authentication (since LOG_INFO is for normal operation,
e.g., successful logins). That's why really sensitive messages sent
to LOG_AUTHPRIV appear visible to everyone in the system.
>How-To-Repeat:
(Mis)type your password at the "login:" prompt.
See it world-readable in /var/log/messages.
>Fix:
Index: syslog.conf =================================================================== RCS file: /home/ncvs/src/etc/syslog.conf,v retrieving revision 1.23 diff -u -r1.23 syslog.conf --- syslog.conf 21 Sep 2002 12:07:35 -0000 1.23 +++ syslog.conf 11 Feb 2003 11:39:55 -0000 
@@ -6,7 +6,7 @@ # may want to use only tabs as field separators here. # Consult the syslog.conf(5) manpage. *.err;kern.debug;auth.notice;mail.crit /dev/console -*.notice;kern.debug;lpr.info;mail.crit;news.err /var/log/messages +*.notice;authpriv.none;kern.debug;lpr.info;mail.crit;news.err /var/log/messages security.* /var/log/security auth.info;authpriv.info /var/log/auth.log mail.info /var/log/maillog >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
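Review bot: The /dev/console line in the unchanged context still starts with `*.err`, so authpriv messages at err and above are still matched there; if the intent is that authpriv goes only to the protected log, consider adding `authpriv.none` to that selector field as well, or state in the PR why the console is acceptable. The new `authpriv.none` on the /var/log/messages line also deserves a short comment in the file saying it keeps LOG_AUTHPRIV out of a world-readable log, so it is not dropped in a later cleanup. The change relies on /var/log/auth.log (which still receives `authpriv.info`) being restricted; that file's mode is not visible in this hunk and is worth confirming alongside it.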
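The selector behaviour described in this report, modelled as an added example (not part of the original message and not syslogd's own code): it shows which authpriv levels each /var/log/messages selector field from the patch accepts. It assumes a simplified subset of syslog.conf(5) selectors and a partial facility list; `priority_mask`, `is_logged` and `leaks_authpriv` are hypothetical helper names.

```python
# Added example: simplified model of syslog.conf(5) selector matching.
# Handles "facility[,facility].level" selectors joined by ';', the '*'
# wildcard and the "none" level. Comparison flags (!, <, =, >) and the
# local0-7 facilities are not modelled (assumption: not needed here).
LEVELS = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]
FACILITIES = ["auth", "authpriv", "cron", "daemon", "ftp", "kern", "lpr",
              "mail", "news", "security", "syslog", "user", "uucp"]


def priority_mask(selectors):
    """Map each facility to the least severe level accepted, or None."""
    mask = {fac: None for fac in FACILITIES}
    for sel in selectors.split(";"):
        facs, level = sel.rsplit(".", 1)
        if level == "none":
            threshold = None                  # facility switched off
        elif level == "*":
            threshold = len(LEVELS) - 1       # every level
        else:
            threshold = LEVELS.index(level)   # this level and more severe
        for fac in (FACILITIES if facs == "*" else facs.split(",")):
            mask[fac] = threshold             # later selectors override earlier
    return mask


def is_logged(selectors, facility, level):
    """True if a message with this facility and level matches the field."""
    threshold = priority_mask(selectors)[facility]
    return threshold is not None and LEVELS.index(level) <= threshold


def leaks_authpriv(selectors):
    """Levels of LOG_AUTHPRIV messages that this selector field accepts."""
    return [lvl for lvl in LEVELS if is_logged(selectors, "authpriv", lvl)]


# Selector fields of the /var/log/messages line, taken from the patch above.
BEFORE = "*.notice;kern.debug;lpr.info;mail.crit;news.err"
AFTER = "*.notice;authpriv.none;kern.debug;lpr.info;mail.crit;news.err"

if __name__ == "__main__":
    for name, field in (("before", BEFORE), ("after", AFTER)):
        print(name, "-> authpriv levels accepted:", leaks_authpriv(field))
```

The same `leaks_authpriv` check can be run over the selector field of any line whose target file is readable by ordinary users.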