Date: Sat, 16 Sep 1995 00:14:23 +0800 (WST) From: Peter Wemm <peter@jhome.DIALix.COM> To: Nate Williams <nate@rocky.sri.MT.net> Cc: CVS-commiters@freefall.freebsd.org, cvs-lib@freefall.freebsd.org Subject: Re: cvs commit: src/lib/libc/gen syslog.c Message-ID: <Pine.BSF.3.91.950915235736.1727B-100000@jhome.DIALix.COM> In-Reply-To: <199509151558.JAA16368@rocky.sri.MT.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 15 Sep 1995, Nate Williams wrote: > Peter Wemm writes: > > peter 95/09/15 06:53:41 > > > > Modified: lib/libc/gen syslog.c > > Log: > > Fix security bugs with a "new approach", using stdio's powerful buffer > > control hooks. > > Thanks for someone doing this. Even if it's not completely secure, it's > gotta be better than the original version. Any chance of this getting > into 2.1? Lets let it settle for a couple of days of full scale acid testing first... :-) (unless time is of the essence). I personally think it's 100% bombproof from a security point of view, and nobody's pointed out any holes in it of the people who've had this shoved under their noses.. I guess a wider audience is certainly going to prove/disprove it.. :-) Paul Traina was worried that I was not null terminating the buffer being transmitted, and was allowing null characters to be transmitted to syslogd.. I feel that it's more syslogd's problem *if* it chokes on null characters, because *anybody* can compile a program to transmit nulls to syslogd either over /dev/log or via the internet... My testing in that area suggests that syslogd simply truncates the line being logged, which isn't exactly a crisis.. I think it does need to go into 2.1 sooner or later though, because since we ship binaries, it is inevitable that somebody will calculate the magic numbers for 2.0, 2.0.5, 2.1 etc sooner or later. > Nate Cheers, -Peter
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.91.950915235736.1727B-100000>