Bugtraq mailing list archives

Re: local users can panic linux kernel (was: SuSE syslogdadvisory)

From: okir () MONAD SWB DE (Olaf Kirch)
Date: Wed, 24 Nov 1999 10:11:08 +0100


On Tue, Nov 23, 1999 at 05:21:35PM -0500, Shafik Yaghmour wrote:

      So if you have a high system load it is okay to have some of the
syslog messages lost? Hmm, I dunno, IMHO it is never okay, I mean why
should you open up the opportunity at all. You know, security based on
something being "not so prone to failure" doesn't exactly make me feel
warm and cozy.


As long as syslog uses a connected socket (which it does), and doesn't
flag MSG_NOWAIT (which it doesn't), there isn't anything in the kernel
source that looks like the code will fail under cpu/memory/whatever
contention.

Just because UDP datagrams are unreliable that doesn't mean that UNIX
datagrams are too.

Olaf

--
Olaf Kirch         |  --- o --- Nous sommes du soleil we love when we play
okir () monad swb de  |    / | \   sol.dhoop.naytheet.ah kin.ir.samse.qurax
okir () caldera de    +-------------------- Why Not?! -----------------------
         UNIX, n.: Spanish manufacturer of fire extinguishers.

Current thread:

Re: Operational Issues: Applications & Appliances (was: Buffer Overflow Survey Paper), (continued)
- - - Re: Operational Issues: Applications & Appliances (was: Buffer Overflow Survey Paper) Mark Seiden (Nov 24)
    - Netscape Communicator 4.7 - Navigator Overflows Mike Boto (Nov 24)
    - BindView Security Advisory: SSR Denial of Service BindView Security Advisory (Nov 24)
    - Re: BindView Security Advisory: SSR Denial of Service Alan Cox (Nov 24)
    - Oracle 8i questions Brock Tellier (Nov 23)
    - Printer Vulnerabilities (Tektronix and JetDirect) Elias Levy (Nov 23)
    - Re: local users can panic linux kernel (was: SuSE syslogd advisory) Darren Reed (Nov 20)
    - Re: local users can panic linux kernel (was: SuSE syslogd advisory) Cy Schubert - ITSD Open Systems Group (Nov 23)
    - Re: local users can panic linux kernel (was: SuSE syslogdadvisory) Jefferson Ogata (Nov 23)
    - Re: local users can panic linux kernel (was: SuSE syslogdadvisory) Shafik Yaghmour (Nov 23)
    - Re: local users can panic linux kernel (was: SuSE syslogdadvisory) Olaf Kirch (Nov 24)
    - Re: local users can panic linux kernel (was: SuSE syslogdadvisory) Goetz Babin-Ebell (Nov 24)
    - more about IP ID antirez () INVECE ORG (Nov 20)
    - FreeBSD sysinstall Jonas Eriksson (Nov 20)
    - Re: local users can panic linux kernel (was: SuSE syslogd advisory) Malcolm Beattie (Nov 22)
    - DNA-1999-001: NetTerm FTP Daemon vulnerabilities Jeremy Iverson (Nov 22)
    - Microsoft Security Bulletin (MS99-043) Aleph One (Nov 17)
    - Re: Microsoft Security Bulletin (MS99-043) John Madden (Nov 18)