Re: Dumb question: Why are exceptions such as SIGSEGV not logged

[Jakob Oestergaard]

On Sat, Aug 16, 2003 at 06:06:34PM -0500, David D. Hagood wrote:
> Valdis.Kletnieks@xxxxxx wrote:
> 
> >Consider this code:
> >
> >	char *foo = 0;
> >	sigset(SIGSEGV,SIG_IGNORE);
> >	for(;;) { *foo = '\5'; }
> >
> >Your logfiles just got DoS'ed....
...

Consider this code:
 for (;;) syslog(LOG_INFO, "root, hurt me please!");

My point being, that if a user wishes to spam the syslog he can.

Please read the syslogd man page - see under "SECURITY THREATS".
Especially option 5 in that section:

----------------
5.     Use step 4 and if the problem persists and is not secondary to a  rogue
       program/daemon get a 3.5 ft (approx. 1 meter) length of sucker rod* and
       have a chat with the user in question.

       Sucker rod def. -- 3/4, 7/8 or 1in. hardened steel rod, male  threaded
       on  each  end.  Primary use in the oil industry in Western North Dakota
       and other locations to pump 'suck' oil from oil wells.  Secondary  uses
       are  for  the construction of cattle feed lots and for dealing with the
       occasional recalcitrant or belligerent individual.
----------------

-- 
................................................................
:   jakob@xxxxxxxxxxxxx   : And I see the elder races,         :
:.........................: putrid forms of man                :
:   Jakob Østergaard      : See him rise and claim the earth,  :
:        OZ9ABN           : his downfall is at hand.           :
:.........................:............{Konkhra}...............:
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/