From owner-freebsd-questions  Tue Jul 20  2:14:42 1999
Delivered-To: freebsd-questions@freebsd.org
Received: from david.siemens.de (david.siemens.de [192.35.17.14])
	by hub.freebsd.org (Postfix) with ESMTP id BF28514BE4
	for <freebsd-questions@FreeBSD.ORG>; Tue, 20 Jul 1999 02:14:23 -0700 (PDT)
	(envelope-from andre.albsmeier@mchp.siemens.de)
X-Envelope-Sender-Is: andre.albsmeier@mchp.siemens.de (at relayer david.siemens.de)
Received: from mail2.siemens.de (mail2.siemens.de [139.25.208.14])
	by david.siemens.de (8.9.3/8.9.3) with ESMTP id LAA01384
	for <freebsd-questions@FreeBSD.ORG>; Tue, 20 Jul 1999 11:14:10 +0200 (MET DST)
Received: from curry.mchp.siemens.de (curry.mchp.siemens.de [139.25.42.7])
	by mail2.siemens.de (8.9.3/8.9.3) with ESMTP id LAA21826
	for <freebsd-questions@FreeBSD.ORG>; Tue, 20 Jul 1999 11:14:06 +0200 (MET DST)
Received: (from daemon@localhost)
	by curry.mchp.siemens.de (8.9.3/8.9.3) id LAA93458
	for <freebsd-questions@FreeBSD.ORG>; Tue, 20 Jul 1999 11:14:08 +0200 (CEST)
Date: Tue, 20 Jul 1999 11:14:06 +0200
From: Andre Albsmeier <andre.albsmeier@mchp.siemens.de>
To: "T. William Wells" <bill@twwells.com>
Cc: freebsd-questions@FreeBSD.ORG
Subject: Re: Why is this code in syslogd.c?
Message-ID: <19990720111406.A35123@internal>
References: <19990718194853.A29020@internal> <E115vml-00089S-00@twwells.com> <19990719080007.A7410@internal> <7mufng$eev$1@twwells.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.95.5i
In-Reply-To: <7mufng$eev$1@twwells.com>; from T. William Wells on Mon, Jul 19, 1999 at 02:18:02AM -0400
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Mon, 19-Jul-1999 at 02:18:02 -0400, T. William Wells wrote:
> In article <19990719080007.A7410@internal>,
> Andre Albsmeier  <andre.albsmeier@mchp.siemens.de> wrote:
> : But I still can't understand what's the reason for doing that. OK,
> : a user could fake a kernel message but now he can do the same thing
> : with all other facilities. He can fake mail or auth messages as he likes...
> 
> "X is something that a user should not do but can anyway.
> Therefore, we should not prevent the user from doing Y." Not very
> logical, is it?

It's your logic, I didn't say that. I wanted to understand why it is
there. So we can summarize:

The code is there to prevent users from sending faked kern.xxx
messages. The code does not cover other facilities so these
can still be faked.


> It would be nice if there was some control over who can send what
> messages. But it's not there, so we can't rely on them. However,
> it _is_ there for kernel messages, which is better than nothing.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message