Processing commands for [EMAIL PROTECTED]:
reassign 158090 sysklogd
Bug#158090: security.debian.org: Easy for any user to fake messages into syslog
Bug reassigned from package `glibc' to `sysklogd'.
thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug
reassign 158090 sysklogd
thanks
At Sun, 25 Aug 2002 15:15:08 -0400,
Joey Hess wrote:
> syslogd could use getsockopt(SO_PEERCRED) to get a ucred structure and
> work out the user who has opened /dev/log and include that info in the
> log somewhere. This would require no special glibc support. If you
Processing commands for [EMAIL PROTECTED]:
reassign 158090 glibc
Bug#158090: security.debian.org: Easy for any user to fake messages into syslog
Bug reassigned from package `sysklogd' to `glibc'.
thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking
Martin Schulze wrote:
> Even worse, syslogd only reads what is provided on /dev/log.
> The socket is world writable, glibc's syslog() function writes
> to it, from any program. Restricting its write access to root
> would effectively disable syslogging.
syslogd could use getsockopt(SO_PEERCRED)
Matt Zimmerman wrote:
> The socket is world writable, glibc's syslog() function writes
> to it, from any program. Restricting its write access to root
> would effectively disable syslogging.
How so? Restricting its write access to root would still allow programs
running as root to use