Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: solaris 251 & syslogd

From: rap () UCLINK BERKELEY EDU (Richard Peters)
Date: Wed, 12 Nov 1997 09:49:01 -0800

I experienced the same problem with this 103738-05 patch and reverted to
103738-03 with which I have had not experienced the HUP problem.  However,
on the track of missing messages being a security problem, Solaris log
processing does occasionally drop messages into the trash bin, especially
when lots of messages are being processed. Not a good "feature".  ..Richard
Peters

At 8:42 AM -0800 11/12/97, Michael Helm wrote:

I'm not having very good luck with the patch mentioned here
(among other places) for syslogd on solaris.  Patch 103738-05
may solve the immediate security problem, but at least for me,
as soon as you attempt to restart it (SIGHUP), it stops writing
messages to any of its files.  This is usually done automatically
by scripts that close old log files & open new (empty) ones;
they stay empty.  Unless you go looking for this, you will not
notice it for a while (swatch or your other monitors will be
happy &c).  No news is not good news in this case ; I see this
as a pretty big security problem in its own right.
Previous By Date Next
Previous By Thread Next

Current thread: