home | help | back | first | fref | pref | prev | next | nref | lref | last | post |
Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Message-Id: <19991124101108.B16373@monad.swb.de> Date: Wed, 24 Nov 1999 10:11:08 +0100 Reply-To: Olaf Kirch <okir@MONAD.SWB.DE> From: Olaf Kirch <okir@MONAD.SWB.DE> X-To: Shafik Yaghmour <shafik@acm.poly.edu> To: BUGTRAQ@SECURITYFOCUS.COM In-Reply-To: <Pine.BSF.3.96.991123170404.8364A-100000@acm.poly.edu>; from Shafik Yaghmour on Tue, Nov 23, 1999 at 05:21:35PM -0500 On Tue, Nov 23, 1999 at 05:21:35PM -0500, Shafik Yaghmour wrote: > So if you have a high system load it is okay to have some of the > syslog messages lost? Hmm, I dunno, IMHO it is never okay, I mean why > should you open up the opportunity at all. You know, security based on > something being "not so prone to failure" doesn't exactly make me feel > warm and cozy. As long as syslog uses a connected socket (which it does), and doesn't flag MSG_NOWAIT (which it doesn't), there isn't anything in the kernel source that looks like the code will fail under cpu/memory/whatever contention. Just because UDP datagrams are unreliable that doesn't mean that UNIX datagrams are too. Olaf -- Olaf Kirch | --- o --- Nous sommes du soleil we love when we play okir@monad.swb.de | / | \ sol.dhoop.naytheet.ah kin.ir.samse.qurax okir@caldera.de +-------------------- Why Not?! ----------------------- UNIX, n.: Spanish manufacturer of fire extinguishers.
home | help | back | first | fref | pref | prev | next | nref | lref | last | post |