Re: /dev/log

-- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20131019225412.GA20234@zuse.local

Re: /dev/log

to be mode 0666, it just needs to be writable by every program that you want to log via syslog. As there are many daemons which run as non-root (most daemons should not have root privs) and there is no group for daemons to allow such access it's almost required to grant every process access to /dev/log

/dev/log

I saw the following in my 'tiger' output --FAIL-- [dev002f] /dev/log has world permissions which is indeed true: $ file /dev/log /dev/log: socket $ ls -lt /dev/log srw-rw-rw- 1 root root 0 2005-06-28 13:28 /dev/log but I cannot find a manual page etc that tells me what this socket

Default permissions for /dev/log

Hello. I've just found that on all my systems /dev/log has rw-rw-rw- permissions. Is that Debian default? If yes, any local user may bloat system logs by writing a simple program like #include syslog.h int main() { while (1) syslog(LOG_INFO, TIME TO KILL /var FILESYSTEM

Re: Default permissions for /dev/log

On Sat, Sep 20, 2003 at 08:33:29PM +0400, Nikita V. Youshchenko wrote: I've just found that on all my systems /dev/log has rw-rw-rw- permissions. Is that Debian default? It's the default just about everywhere. If it was not the case, then you'd have to put every user that you want to be able

Re: Default permissions for /dev/log

On Sat, Sep 20, 2003 at 08:33:29PM +0400, Nikita V. Youshchenko wrote: I've just found that on all my systems /dev/log has rw-rw-rw- permissions. Is that Debian default? It's the default just about everywhere. If it was not the case, then you'd have to put every user that you want to be able

Default permissions for /dev/log

Hello. I've just found that on all my systems /dev/log has rw-rw-rw- permissions. Is that Debian default? If yes, any local user may bloat system logs by writing a simple program like #include syslog.h int main() { while (1) syslog(LOG_INFO, TIME TO KILL /var FILESYSTEM); }

Re: /dev/log

hi, S in these days there was a interesting thread about /dev/log that has S 666 mode and some possible DOS that can be made by any user by just S printing random thrash with syslog(3) and fill up the /var/log S without being traced . S one possible solution to that was to put /dev/log and to uid

Re: /dev/log

, S in these days there was a interesting thread about /dev/log that has S 666 mode and some possible DOS that can be made by any user by just S printing random thrash with syslog(3) and fill up the /var/log S without being traced . S one possible solution to that was to put /dev/log and to uid

/dev/log

hi, in these days there was a interesting thread about /dev/log that has 666 mode and some possible DOS that can be made by any user by just printing random thrash with syslog(3) and fill up the /var/log without being traced . one possible solution to that was to put /dev/log and to uid,gid

Re: /dev/log

On Fri, Oct 05, 2001 at 07:41:48PM +0200, Samu wrote: hi, in these days there was a interesting thread about /dev/log that has 666 mode and some possible DOS that can be made by any user by just printing random thrash with syslog(3) and fill up the /var/log without being traced . one

/dev/log

hi, in these days there was a interesting thread about /dev/log that has 666 mode and some possible DOS that can be made by any user by just printing random thrash with syslog(3) and fill up the /var/log without being traced . one possible solution to that was to put /dev/log and to uid,gid

Re: /dev/log

On Fri, Oct 05, 2001 at 07:41:48PM +0200, Samu wrote: hi, in these days there was a interesting thread about /dev/log that has 666 mode and some possible DOS that can be made by any user by just printing random thrash with syslog(3) and fill up the /var/log without being traced . one