
Bug#158090: security.debian.org: Easy for any user to fake messages into syslog



Martin Schulze <joey@infodrom.org> writes:


> The socket is world writable, glibc's syslog() function writes
> to it, from any program.  Restricting its write access to root
> would effectively disable syslogging.

Yeah, I kinda gathered that. That's why what I am proposing is --

Keep the current behavior, but log just one additional piece of info:
who it is that wrote via syslog, so later the sysadmin can tell which is
a legit message and which is not.

[But dunno, you guys know much better than this newbie :-) ]
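
Added example, not part of the original message and not syslogd's own code: one way a log receiver on Linux can record who wrote to a world-writable datagram socket, by asking the kernel for the sender's credentials with `SO_PASSCRED`. The socket path, function names and sample message are hypothetical and constructed for illustration.

```python
import os
import socket
import struct
import tempfile

UCRED = struct.Struct("3i")  # Linux struct ucred: pid, uid, gid

def open_log_socket(path):
    """Bind a /dev/log-style datagram socket and request sender credentials."""
    srv = socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM)
    srv.bind(path)
    os.chmod(path, 0o666)  # stays world writable, as the thread requires
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_PASSCRED, 1)
    return srv

def recv_stamped(srv):
    """Receive one message; return (text, pid, uid, gid) as filled in by the kernel."""
    data, ancdata, _flags, _addr = srv.recvmsg(4096, socket.CMSG_SPACE(UCRED.size))
    text = data.decode(errors="replace")
    for level, ctype, cdata in ancdata:
        if level == socket.SOL_SOCKET and ctype == socket.SCM_CREDENTIALS:
            pid, uid, gid = UCRED.unpack(cdata[:UCRED.size])
            return text, pid, uid, gid
    return text, None, None, None  # no credentials attached

def format_record(text, pid, uid, gid):
    """Append the kernel-supplied sender identity to the client-supplied text."""
    return f"{text} [sender pid={pid} uid={uid} gid={gid}]"

def demo():
    """Send one constructed message to a temporary socket and read it back stamped."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "log")  # hypothetical stand-in for /dev/log
        srv = open_log_socket(path)
        cli = socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM)
        try:
            # Constructed sample: the tag in the text is whatever the client claims.
            cli.sendto(b"<13>daemon[1]: constructed test message", path)
            return recv_stamped(srv)
        finally:
            cli.close()
            srv.close()

if __name__ == "__main__":
    print(format_record(*demo()))
```

The text of the message is still client-controlled; only the appended pid, uid and gid come from the kernel, which is what lets a reader of the log separate the claimed origin from the actual one.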


