[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#923889: google-compute-image-packages - DoS via serial console write

On Wed, Mar 06, 2019 at 07:49:38PM +0100, Bastian Blank wrote:
> This package instructs journald to duplicate everything sent to the
> journal to the serial console.  The serial console is a pretty rate
> limited log output device and blocking there will make all software with
> any log output block.

This doesn't seem to affect all software - I tried to reproduce with
logger, but it doesn't block.  Maybe this only affects some logging

I agree it's a problematic default - GCE serial console data is
currently stored unencrypted.  That could be an unpleasent surprise.


Reply to: