On Mon, Jan 22, 2001 at 12:40:00PM -0500, Garrett Wollman wrote:
> <<On Sat, 20 Jan 2001 21:20:39 -0800, "Crist J. Clark" <[EMAIL PROTECTED]> said:
> 
> > If you want to or need to use network sockets,
> 
> >   # syslogd -a localhost
> 
> > Should provide the behavior you want.
> 
> I.e., no security whatsoever.

Well, yeah, it's syslogd(8) and as the manpage says,

  BUGS
       The ability to log messages received in UDP packets is equivalent to an
       unauthenticated remote disk-filling service...

However, doing 'syslogd -a localhost' should really not be much worse
than 'syslogd -s' or '-ss'. In all three cases, a local user can nail
you. The only risk I see is 127.0.0.1 being forced in from the LAN, and
even then, I can't recall if FreeBSD will ever accept loopback numbers
coming in on a non-loopback interface. And that still is only local net;
127/8 packets aren't going to be routed.
-- 
Crist J. Clark                           [EMAIL PROTECTED]

