Date: Tue, 13 Feb 2001 20:38:50 -0800
From: dmp@pantherdragon.org
To: Dag-Erling Smorgrav <des@ofug.org>
Cc: Adam Laurie <adam@algroup.co.uk>, security@FreeBSD.ORG
Subject: Re: syslogd -ss not part of extreme security option?
Message-ID: <3A8A0BDA.21504E26@pantherdragon.org>
References: <3A88EB70.CC8CB78E@pantherdragon.org> <xzpelx2c3vp.fsf@flood.ping.uio.no> <3A89707C.A539BA9C@algroup.co.uk> <xzpzofqe8dr.fsf@flood.ping.uio.no>

Dag-Erling Smorgrav wrote:
> Adam Laurie <adam@algroup.co.uk> writes:
> > eh? no security bug is "known" until it's found & exploited. just
> > because it hasn't been found doesn't mean it doesn't exist. switching
> > off a network listener for syslog when you are not doing network logging
> > is much more than a warm fuzzy feeling, it's closing a potential
> > security hole. i do it on standard installs, let alone "extreme
> > security".
>
> It's not a listener. If you specify -s, the socket is half-closed so
> you can use it to send log messages to other hosts, but can't receive.
> If you specify -ss, the socket isn't opened at all so you can neither
> send nor receive.

Why not add it, though? Anyone who's going to do remote syslogging will
know to set the appropriate option. For everyone else, it's just one
more thing that doesn't need to be enabled by default.
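
Added example, not part of the original message or of FreeBSD's own code: a shell check that maps a syslogd flag string onto the three socket states described in the thread (no -s, -s, -ss). The function name and the list of argument-taking options (assumed from syslogd(8); adjust for your release) are assumptions.

```sh
#!/bin/sh
# Added example: classify the network exposure a syslogd flag string implies.
# Assumption: options in ARG_OPTS take an argument (per syslogd(8)).
ARG_OPTS="abflmOPpS"

# syslogd_net_mode "<flags>" prints receive+send, send-only or no-socket.
syslogd_net_mode() {
    count=0   # number of -s flags seen
    skip=0    # 1 when the next word is an option argument
    set -f    # split the flag string into words without globbing
    for word in $1; do
        if [ "$skip" -eq 1 ]; then skip=0; continue; fi
        case "$word" in
            -?*) rest=${word#-} ;;
            *)   continue ;;
        esac
        while [ -n "$rest" ]; do
            c=${rest%"${rest#?}"}    # first character of the cluster
            rest=${rest#?}
            case "$ARG_OPTS" in
                *"$c"*)
                    # Argument is the rest of this word, else the next word.
                    if [ -z "$rest" ]; then skip=1; fi
                    rest="" ;;
                *)
                    if [ "$c" = "s" ]; then count=$((count + 1)); fi ;;
            esac
        done
    done
    set +f
    case "$count" in
        0) echo "receive+send" ;;  # socket open in both directions
        1) echo "send-only" ;;     # -s: half-closed, cannot receive
        *) echo "no-socket" ;;     # -ss: socket never opened
    esac
}

# Constructed sample flag strings, not taken from the thread.
for flags in "" "-s" "-ss" "-svv" "-a 10.0.0.0/8 -s -s" "-fsyslog.conf"; do
    printf '%-22s %s\n' "[$flags]" "$(syslogd_net_mode "$flags")"
done
```

On a FreeBSD host the input would be the configured syslogd_flags value from rc.conf.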