Vulnerability Development mailing list archives
Re: /dev/urandom | logger "issue"
From: "Sarel J. Botha" <sjbotha () EMAIL COM>
Date: Mon, 28 Aug 2000 00:32:14 +0200
On Sun, Aug 27, 2000 at 02:48:57AM -0500, H D Moore wrote:
Even if you added user logging when the logger program is run, what keeps someone from opening /dev/log and forging thier messages that way?
I'm not 100% on how syslog works. Does a daemon write to /dev/log or to a
unix socket to log?
If it only uses /dev/log then this problem can be easily fixed my system
administrators on their own machines. Just create a log group, make the
permissions on /dev/log 660 and add all daemons that are allowed to log to
the log group.
IMHO distributions should also have a policy enforcing this.
--
------------------
Sarel Botha
sjbotha () email com
------------------
99 little bugs in the code, 99 bugs in the code,
fix one bug, compile it again...
101 little bugs in the code....
Current thread:
- Re: /dev/urandom | logger "issue", (continued)
- Re: /dev/urandom | logger "issue" Bluefish (P.Magnusson) (Aug 22)
- Re: /dev/urandom | logger "issue" Eilert Brinkmann (Aug 22)
- Re: /dev/urandom | logger "issue" Michal Zalewski (Aug 22)
- Re: /dev/urandom | logger "issue" Matt Wilson (Aug 22)
- Re: /dev/urandom | logger "issue" Bill Pennington (Aug 22)
- Re: /dev/urandom | logger "issue" Larry D'Anna (Aug 23)
- Re: /dev/urandom | logger "issue" Sarel J. Botha (Aug 23)
- Re: /dev/urandom | logger "issue" Alfonso De Gregorio (Aug 23)
- Re: /dev/urandom | logger "issue" Matt Wilson (Aug 23)
- Re: /dev/urandom | logger "issue" H D Moore (Aug 27)
- Re: /dev/urandom | logger "issue" Sarel J. Botha (Aug 27)
- Re: /dev/urandom | logger "issue" M ixter (Aug 28)
- Re: /dev/urandom | logger "issue" Kev (Aug 28)