Vulnerability Development mailing list archives

Re: /dev/urandom | logger "issue"

From: Kev <klmitch () MIT EDU>
Date: Mon, 28 Aug 2000 10:23:44 -0400

Even if you added user logging when the logger program is run, what
keeps someone from opening /dev/log and forging thier messages that way?


I'm not 100% on how syslog works. Does a daemon write to /dev/log or to a
unix socket to log?


<kosh> Yes. </kosh>

Seriously, /dev/log usually is a UNIX socket.
--
Kevin L. Mitchell <klmitch () mit edu>

Current thread:

Re: /dev/urandom | logger "issue", (continued)
- Re: /dev/urandom | logger "issue" Michal Zalewski (Aug 22)
- Re: /dev/urandom | logger "issue" Matt Wilson (Aug 22)
- Re: /dev/urandom | logger "issue" Bill Pennington (Aug 22)
- Re: /dev/urandom | logger "issue" Larry D'Anna (Aug 23)
  - Re: /dev/urandom | logger "issue" Sarel J. Botha (Aug 23)
  - Re: /dev/urandom | logger "issue" Alfonso De Gregorio (Aug 23)
  - Re: /dev/urandom | logger "issue" Matt Wilson (Aug 23)
  - Re: /dev/urandom | logger "issue" H D Moore (Aug 27)
    - Re: /dev/urandom | logger "issue" Sarel J. Botha (Aug 27)
    - Re: /dev/urandom | logger "issue" M ixter (Aug 28)
    - Re: /dev/urandom | logger "issue" Kev (Aug 28)