[Logcheck-devel] Bug#488212: denial-of-service (DOS) attack by anyone with syslog access (e.g. logger(1))
martin f krafft
madduck at debian.org
Tue Oct 26 07:43:23 UTC 2010
also sprach Simon Waters <simon at technocool.net> [2010.10.26.0908 +0200]:
> Hit related issue, with USB device errors causing extremely large
> syslog and kern.log files. Results in logcheck consuming excessive
> CPU.
>
> Whilst there are many easy work arounds and perhaps this should be
> fixed with the kernel logging or in syslogd, but occurred to me
> logcheck should have a maximum file size limit at which it refuses
> to process the log.
Patches welcome. Note that if someone chooses to spam your syslog
with logger, you have a completely different set of problems than
logcheck though.
--
.''`. martin f. krafft <madduck at d.o> Related projects:
: :' : proud Debian developer http://debiansystem.info
`. `'` http://people.debian.org/~madduck http://vcs-pkg.org
`- Debian - when you have better things to do than fixing systems
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature (see http://martin-krafft.net/gpg/)
URL: <http://lists.alioth.debian.org/pipermail/logcheck-devel/attachments/20101026/e0da3ac5/attachment.pgp>
More information about the Logcheck-devel
mailing list