[Logcheck-devel] Bug#488212: Bug#488212: Potential denial-of-service (DOS) attack by anyone with syslog access (e.g. logger(1))
martin f krafft
madduck at debian.org
Fri Jun 27 06:55:39 UTC 2008
tags 488212 wontfix confirmed
thanks
Sure thing, but I don't see how logcheck could guard against this.
If you are letting people write to your log, you're asking for it.
They might also just drown legitimate entries with junk (cat
/dev/urandom...).
So you should lock down the logger.
I also advise people never to rely on logcheck. It's convenient, but
it's not reliable *at all*.
--
.''`. martin f. krafft <madduck at debian.org>
: :' : proud Debian developer, author, administrator, and user
`. `'` http://people.debian.org/~madduck - http://debiansystem.info
`- Debian - when you have better things to do than fixing systems
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature (see http://martin-krafft.net/gpg/)
Url : http://lists.alioth.debian.org/pipermail/logcheck-devel/attachments/20080627/97199b0b/attachment.pgp
More information about the Logcheck-devel
mailing list