[12716] in bugtraq
Re: local users can panic linux kernel (was: SuSE syslogdadvisory)
daemon@ATHENA.MIT.EDU (Olaf Kirch)
Wed Nov 24 12:28:02 1999
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-Id: <19991124101108.B16373@monad.swb.de>
Date: Wed, 24 Nov 1999 10:11:08 +0100
Reply-To: Olaf Kirch <okir@MONAD.SWB.DE>
From: Olaf Kirch <okir@MONAD.SWB.DE>
X-To: Shafik Yaghmour <shafik@acm.poly.edu>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <Pine.BSF.3.96.991123170404.8364A-100000@acm.poly.edu>; from
Shafik Yaghmour on Tue, Nov 23, 1999 at 05:21:35PM -0500
On Tue, Nov 23, 1999 at 05:21:35PM -0500, Shafik Yaghmour wrote:
> So if you have a high system load it is okay to have some of the
> syslog messages lost? Hmm, I dunno, IMHO it is never okay, I mean why
> should you open up the opportunity at all. You know, security based on
> something being "not so prone to failure" doesn't exactly make me feel
> warm and cozy.
As long as syslog uses a connected socket (which it does), and doesn't
flag MSG_NOWAIT (which it doesn't), there isn't anything in the kernel
source that looks like the code will fail under cpu/memory/whatever
contention.
Just because UDP datagrams are unreliable that doesn't mean that UNIX
datagrams are too.
Olaf
--
Olaf Kirch | --- o --- Nous sommes du soleil we love when we play
okir@monad.swb.de | / | \ sol.dhoop.naytheet.ah kin.ir.samse.qurax
okir@caldera.de +-------------------- Why Not?! -----------------------
UNIX, n.: Spanish manufacturer of fire extinguishers.
