As long as you can disable/limit the logging. One very nasty
"attack" would be
to loop trying to run a binary. Blow your logging partition.
Somebody could
then use that to do other things that would normally be logged,
safe in the
knowledge that their activities wouldn't be logged.
I've seen systems brought to their knees by similar well
intentioned logging
activities. It's not pretty :)
That's out of the question, of course :)
A sysctl could control it. Anyway, the same can happen with
zillions of logged events.
Borja.
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
