Bug#158090: security.debian.org: Easy for any user to fake messages into syslog

[Matt Zimmerman <mdz@debian.org>]

On Sun, Aug 25, 2002 at 07:57:02PM +0200, Martin Schulze wrote:

> Matt Zimmerman wrote:
> > syslogd has no authentication.  Anyone can send messages to it with any
> > content they like.  If you wish to restrict access to syslog, the easiest
> > way is to set permissions on the /dev/log socket, and make sure that _every_
> > program which you want to be able to log to syslog has permissions on that
> > socket.  But syslogd will always set the permissions to 0666 at startup, and
> > you will need to arrange to reset them after each startup.
> 
> Even worse, syslogd only reads what is provided on /dev/log.
> 
> The socket is world writable, glibc's syslog() function writes
> to it, from any program.  Restricting its write access to root
> would effectively disable syslogging.

How so?  Restricting its write access to root would still allow programs
running as root to use syslog.  Making /dev/log group-writable and adding
users to a 'syslog' group would restrict syslog usage to those users

-- 
 - mdz