
Bug#158090: security.debian.org: Easy for any user to fake messages into syslog



Matt Zimmerman wrote:
> > The socket is world writable, glibc's syslog() function writes
> > to it, from any program.  Restricting its write access to root
> > would effectively disable syslogging.
> 
> How so?  Restricting its write access to root would still allow programs
> running as root to use syslog.  Making /dev/log group-writable and adding
> users to a 'syslog' group would restrict syslog usage to those users

Sure, but innd or nnrpd or postfix don't run as root, for example.
That'd cause pain.

However, the main problem is that POSIX doesn't restrict the use of
syslog() and changing the output format for supporting uid/gid would
break all kinds of scripts, I'm pretty sure.  Even if people want that,
it should be done in sync with all distributions, not only with Debian.

However, those who would like to see such a feature should be free
to patch their glibc and use it.

Regards,

	Joey

-- 
Never trust an operating system you don't have source for!
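
The message above mentions attaching the sender's uid/gid to each log line. As an added example (not code from this thread, glibc, or any syslog daemon), the sketch below shows how a receiver on a Linux Unix datagram socket can ask the kernel for the sender's credentials with SO_PASSCRED and keep them separate from the sender-controlled text. It assumes Linux; a socketpair stands in for /dev/log, the message is constructed, and the function names are hypothetical.

```python
import socket
import struct

# Linux struct ucred layout: pid, uid, gid (three 32-bit ints)
UCRED = struct.Struct("3i")


def recv_with_creds(sock, bufsize=2048):
    """Receive one datagram plus the kernel-supplied sender credentials."""
    data, ancdata, _flags, _addr = sock.recvmsg(
        bufsize, socket.CMSG_SPACE(UCRED.size))
    for level, ctype, cdata in ancdata:
        if level == socket.SOL_SOCKET and ctype == socket.SCM_CREDENTIALS:
            return data, UCRED.unpack(cdata[:UCRED.size])
    return data, None


def annotate(data, creds):
    """Prefix the message with credentials the sender cannot choose."""
    text = data.decode("utf-8", "replace").rstrip("\n")
    if creds is None:
        return "[sender=unverified] " + text
    pid, uid, gid = creds
    return f"[uid={uid} gid={gid} pid={pid}] {text}"


def demo():
    """Send one constructed line through a socketpair and annotate it."""
    # The socketpair stands in for /dev/log so this runs without root.
    receiver, sender = socket.socketpair(socket.AF_UNIX, socket.SOCK_DGRAM)
    try:
        # Ask the kernel to attach SCM_CREDENTIALS to every datagram.
        receiver.setsockopt(socket.SOL_SOCKET, socket.SO_PASSCRED, 1)
        # Constructed sample: the tag ("sshd[1]") is whatever the sender
        # writes, while the ancillary credentials come from the kernel.
        sender.send(b"<13>sshd[1]: constructed test line")
        data, creds = recv_with_creds(receiver)
        return annotate(data, creds), creds
    finally:
        receiver.close()
        sender.close()


if __name__ == "__main__":
    print(demo()[0])
```

The annotation lives in the receiver's own prefix, so existing scripts that parse the message body would still need adjusting, which is the compatibility concern raised in the message.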


