From owner-freebsd-security  Wed Jan  6 02:57:38 1999
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id CAA25145
          for freebsd-security-outgoing; Wed, 6 Jan 1999 02:57:38 -0800 (PST)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from cheops.anu.edu.au (cheops.anu.edu.au [150.203.149.24])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id CAA25139
          for <freebsd-security@freebsd.org>; Wed, 6 Jan 1999 02:57:33 -0800 (PST)
          (envelope-from avalon@cheops.anu.edu.au)
Received: (from avalon@localhost)
	by cheops.anu.edu.au (8.9.1/8.9.1) id VAA24694;
	Wed, 6 Jan 1999 21:44:37 +1100 (EDT)
From: Darren Reed <avalon@coombs.anu.edu.au>
Message-Id: <199901061044.VAA24694@cheops.anu.edu.au>
Subject: Re: kernel/syslogd hack
To: vadim@tversu.ru (Vadim Kolontsov)
Date: Wed, 6 Jan 1999 21:44:37 +1100 (EDT)
Cc: freebsd-security@FreeBSD.ORG
In-Reply-To: <19990106132848.A14928@tversu.ru> from "Vadim Kolontsov" at Jan 6, 99 01:28:48 pm
X-Mailer: ELM [version 2.4 PL23]
Content-Type: text
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

In some mail from Vadim Kolontsov, sie said:
> 
> Hello,
> 
> On Wed, Jan 06, 1999 at 08:35:23PM +1100, Darren Reed wrote:
> 
> > As far as /var/run/log goes, chown/chgrp/chmod are your friends or you
> > can make /var/run/log a symbolic link to a protected directory with which
> > you use the -p argument to place the log socket.  e.g.:
> > # mkdir /var/run/log.d
> > # chmod 700 /var/run/log.d
> > # ln -s /var/run/log.d/log /var/run/log
> > # syslogd -p /var/run/log/log
> 
>   Sorry, I didn't understand you. In which cases would it help?

The above stops non-root from sending syslog messages, locally.

Darren

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message