Bugtraq mailing list archives

Re: local users can panic linux kernel (was: SuSE syslogdadvisory)

From: shafik () ACM POLY EDU (Shafik Yaghmour)
Date: Tue, 23 Nov 1999 17:21:35 -0500


        So if you have a high system load it is okay to have some of the
syslog messages lost? Hmm, I dunno, IMHO it is never okay, I mean why
should you open up the opportunity at all. You know, security based on
something being "not so prone to failure" doesn't exactly make me feel
warm and cozy.

On Tue, 23 Nov 1999, Jefferson Ogata wrote:

I think it should be pointed out that datagram messages to a Unix domain socket
don't suffer the same network load losses that datagram messages across an
ethernet do. The quality of reception will generally be based purely on system
load, since an external network is not involved. You won't be losing lots of log
messages on account of a large file transfer between two other hosts.

Therefore, I think reliance on datagram-based syslog to a Unix domain socket is
not so prone to failure as some other posters have implied.

--
Jefferson Ogata <jogata () nodc noaa gov> National Oceanographic Data Center
You can't step into the same river twice. -- Herakleitos


==========================================================================
--"the more you know and understand the more you must know and understand
   .. knowledge is an unsatiable hunger .. which makes life easier and at
   the same time harder .... knowledge is a paradox w/ no resolution just
   a boundless function of human nature .... knowledge is a trap which we
   embrace and which we run away from .... and in the end the only escape
   is death .... or maybe not "<grin>--
==========================================================================
                     -Unite for Java! - http://www.javalobby.org-
                     -This message transmitted on 100% recycled electrons-
                     -Save the whales, Feed the hungry, Free the mallocs-

Two cats on a roof,
Which one falls off first?
The one with the smaller mew.

Current thread:

[w00giving '99 #6]: UnixWare 7's Xsco, (continued)
- - - [w00giving '99 #6]: UnixWare 7's Xsco Matt Conover (Nov 25)
    - Re: Operational Issues: Applications & Appliances (was: Buffer Overflow Survey Paper) Mark Seiden (Nov 24)
    - Netscape Communicator 4.7 - Navigator Overflows Mike Boto (Nov 24)
    - BindView Security Advisory: SSR Denial of Service BindView Security Advisory (Nov 24)
    - Re: BindView Security Advisory: SSR Denial of Service Alan Cox (Nov 24)
    - Oracle 8i questions Brock Tellier (Nov 23)
    - Printer Vulnerabilities (Tektronix and JetDirect) Elias Levy (Nov 23)
    - Re: local users can panic linux kernel (was: SuSE syslogd advisory) Darren Reed (Nov 20)
    - Re: local users can panic linux kernel (was: SuSE syslogd advisory) Cy Schubert - ITSD Open Systems Group (Nov 23)
    - Re: local users can panic linux kernel (was: SuSE syslogdadvisory) Jefferson Ogata (Nov 23)
    - Re: local users can panic linux kernel (was: SuSE syslogdadvisory) Shafik Yaghmour (Nov 23)
    - Re: local users can panic linux kernel (was: SuSE syslogdadvisory) Olaf Kirch (Nov 24)
    - Re: local users can panic linux kernel (was: SuSE syslogdadvisory) Goetz Babin-Ebell (Nov 24)
    - more about IP ID antirez () INVECE ORG (Nov 20)
    - FreeBSD sysinstall Jonas Eriksson (Nov 20)
    - Re: local users can panic linux kernel (was: SuSE syslogd advisory) Malcolm Beattie (Nov 22)
    - DNA-1999-001: NetTerm FTP Daemon vulnerabilities Jeremy Iverson (Nov 22)
    - Microsoft Security Bulletin (MS99-043) Aleph One (Nov 17)
    - Re: Microsoft Security Bulletin (MS99-043) John Madden (Nov 18)