in these days there was a interesting thread about /dev/log that has
666 mode and some possible DOS that can be made by any user by just
printing random thrash with syslog(3) and fill up the /var/log
without being traced .
one possible solution to that was to put /dev/log and to uid,gid syslog.syslog
and then add every daemon which wants to write on log on gid syslog too.
what do you think ?? Will debian reolve it ?
Samuele Tonon <firstname.lastname@example.org>
Undergraduate Student of Computer Science at University of Bologna, Italy
System administrator at Computer Science Lab's, University of Bologna, Italy
Founder & Member of A.A.H.T.
Acid -- better living through chemistry.