Date: Thu, 7 Jan 1999 03:35:22 +0300 From: Vadim Kolontsov <vadim@tversu.ru> To: Don Lewis <Don.Lewis@tsc.tdk.com> Cc: freebsd-security@FreeBSD.ORG Subject: Re: kernel/syslogd hack Message-ID: <19990107033522.B26805@tversu.ru> In-Reply-To: <199901070023.QAA02193@salsa.gv.tsc.tdk.com>; from Don Lewis on Wed, Jan 06, 1999 at 04:23:52PM -0800 References: <vadim@tversu.ru> <199901070023.QAA02193@salsa.gv.tsc.tdk.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello, On Wed, Jan 06, 1999 at 04:23:52PM -0800, Don Lewis wrote: > } > If you wanted to use SCM_CREDS, you'd need to tweak syslog() and rebuild > } > the shared library. I don't think this is too much of a disadvantage. > } > } Who will rebuild all binary-only FreeBSD/Linux apps, available on the market? > } Not all of them use shared libraries. > > I suspect that not many of those that are statically linked call syslog(). > > If syslogd received a message without the credentials, it could log the > information that it was handed with an indication that the information > may not be trustworthy. Yes, it's clear. And I like this approach much better than my attempts. So if everybody think that using SCM_CREDS is a good idea, may be it should be included in -current? It will not break anything (the only thing which will be changed is log format, but using new feature can be optional -- just another option for syslogd). And it's not hard to implement. Regards, V. -- Vadim Kolontsov Tver Internet Center NOC To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990107033522.B26805>