Re: local users can panic linux kernel (was: SuSE syslogd

From: Alan Cox (alanat_private)
Date: Mon Nov 22 1999 - 13:32:38 PST

Next message: Crispin Cowan: "Buffer Overflow Survey Paper"

Previous message: Malcolm Beattie: "Re: local users can panic linux kernel (was: SuSE syslogd"
Next in thread: Cy Schubert - ITSD Open Systems Group: "Re: local users can panic linux kernel (was: SuSE syslogd"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> It isn't clear for me what can be done to protect the whole system inside
> syslogd.  Does anybody knows what SuSE really changed?
> Their source package isn't very helpful.

There were two notable problems

1.	Syslogd defaulted to stream sockets which means you have resource
	control problems - in fact Dan Bernstein posted some very good stuff
	about that issue about a year ago

2.	The client code decided it would be a good idea to wait - ie do a
	blocking connect. Unfortunate it someone ate all the syslog handles

With a datagram system it comes down to losing messages under load. I think that
is about as good as you can get.

Alan

Next message: Crispin Cowan: "Buffer Overflow Survey Paper"
Previous message: Malcolm Beattie: "Re: local users can panic linux kernel (was: SuSE syslogd"
Next in thread: Cy Schubert - ITSD Open Systems Group: "Re: local users can panic linux kernel (was: SuSE syslogd"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:13:48 PDT