diff options
author | glebius <glebius@FreeBSD.org> | 2004-11-04 23:09:57 +0000 |
---|---|---|
committer | glebius <glebius@FreeBSD.org> | 2004-11-04 23:09:57 +0000 |
commit | dfc6a366e7b882f80c120f4c99900e60c89ca279 (patch) | |
tree | 13d68b1840b739aaaa64351fb83f58c68c26472e /usr.sbin/syslogd | |
parent | 76ec624d7493ab72c8ed404fad83c31125ee70f8 (diff) | |
download | FreeBSD-src-dfc6a366e7b882f80c120f4c99900e60c89ca279.zip FreeBSD-src-dfc6a366e7b882f80c120f4c99900e60c89ca279.tar.gz |
Protect against local flooder of /var/run/log. Do not loop forever in
syslog(3) if we are a priveleged program (sshd, su, etc.).
- Make syslogd open an additional socket /var/run/logpriv, with 0600
permissions.
- In libc, try to use this socket.
- Do not loop forever if we are using this socket (partial backout of 1.31)
Reviewed by: dwmalone, Andrea Campi <andrea webcom it>
Approved by: julian (mentor)
MFC after: 1 month
Diffstat (limited to 'usr.sbin/syslogd')
-rw-r--r-- | usr.sbin/syslogd/syslogd.8 | 9 | ||||
-rw-r--r-- | usr.sbin/syslogd/syslogd.c | 10 |
2 files changed, 14 insertions, 5 deletions
diff --git a/usr.sbin/syslogd/syslogd.8 b/usr.sbin/syslogd/syslogd.8 index 2e276bd..5514fd5 100644 --- a/usr.sbin/syslogd/syslogd.8 +++ b/usr.sbin/syslogd/syslogd.8 @@ -250,8 +250,10 @@ The .Nm utility reads messages from the .Ux -domain socket -.Pa /var/run/log , +domain sockets +.Pa /var/run/log +and +.Pa /var/run/logpriv , from an Internet domain socket specified in .Pa /etc/services , and from the special device @@ -293,6 +295,9 @@ default process ID file name of the .Ux domain datagram log socket +.It Pa /var/run/logpriv +.Ux +socket for priveleged applications .It Pa /dev/klog kernel log device .El diff --git a/usr.sbin/syslogd/syslogd.c b/usr.sbin/syslogd/syslogd.c index 38480ee..ed266d4 100644 --- a/usr.sbin/syslogd/syslogd.c +++ b/usr.sbin/syslogd/syslogd.c @@ -129,6 +129,8 @@ const char ctty[] = _PATH_CONSOLE; /* * Unix sockets. + * We have two default sockets, one with 666 permissions, + * and one for priveleged programs */ struct funix { int s; @@ -136,11 +138,13 @@ struct funix { mode_t mode; STAILQ_ENTRY(funix) next; }; -struct funix funix_default = { -1, _PATH_LOG, DEFFILEMODE, +struct funix funix_secure = { -1, _PATH_LOG_PRIV, S_IRUSR | S_IWUSR, { NULL } }; +struct funix funix_default = { -1, _PATH_LOG, DEFFILEMODE, + { &funix_secure } }; STAILQ_HEAD(, funix) funixes = { &funix_default, - &(funix_default.next.stqe_next) }; + &(funix_secure.next.stqe_next) }; /* * Flags to logmsg(). @@ -504,7 +508,7 @@ main(int argc, char *argv[]) "cannot create %s", fx->name); logerror(line); dprintf("cannot create %s (%d)\n", fx->name, errno); - if (fx == &funix_default) + if (fx == &funix_default || fx == &funix_secure) die(0); else STAILQ_REMOVE(&funixes, fx, funix, next); |