/dev/urandom | logger "issue"

[Vitaly McLain <twistah () DATASURGE NET>]

Hi,

I know I'll probably wind up sounding like an idiot, but why is that on
Linux boxes normal users have so much access to /var/log/messages via
"logger"? Any user can do:

cat /dev/urandom | logger &

A couple of those will make "messages" look corrupted and fill up your
hard-drive. The worst part is lines like:
Aug 21 12:42:10 bizkit logger: I^[Ö)~z¼v*^Wf^D
Aug 21 12:42:10 bizkit logger: ^]"Àµ_®ý¼P^S¯,´yäOsñѾ+^_^B÷tL3#­^WmÓnåbÜ^OÝ

Couldn't "logger" at least log which user sent this input to logger? It'd be
nice, otherwise it'd be hard to track down.

My setup is Slackware 7.0 with stock 2.2.13 kernel. Here is some info:

bizkit:~$ ls -al /dev/urandom
crw-r--r--   1 root     root       1,   9 Dec 11  1995 /dev/urandom
bizkit:~$ ls -al `which logger`
-rwxr-xr-x   1 root     bin          8228 Aug  1  1999 /usr/bin/logger*
bizkit:~$ uname -a
Linux bizkit 2.2.13 #61 Wed Oct 20 19:40:54 CDT 1999 i586 unknown
bizkit:~$

I've tried to test this behavior on other distributions of Linux (namely
Debian), but as they are not my machines, I couldn't see /var/log/messages.
Doing the command gave no errors, though.

I am betting this has to do with bad permissions on my /var/log/messages,
though I am sure I've seen this on other machines. What do you guys think?

UPDATE: I have just been informed this works on RedHat 6.2 and 6.1.

Vitaly McLain
twistah () datasurge net