This is the mail archive of the
glibc-linux@ricardo.ecn.wfu.edu
mailing list for the glibc project.
suggestions for glibc
- To: glibc-linux at ricardo dot ecn dot wfu dot edu
- Subject: suggestions for glibc
- From: Pablo Saratxaga <pablo at mandrakesoft dot com>
- Date: Mon, 25 Oct 1999 18:55:11 +0200
- Reply-To: glibc-linux at ricardo dot ecn dot wfu dot edu
Kaixo!
We have had a thread here on the problem of syslogd (it allows anyone
that can run a program to write arbitrary messages trough it).
And I think the only real solution to it would be to have a low level
function (OS system call or libc function) that receives as argument
a string and returns to a given process that string but also info on the
calling process (pid,uid,gid,...) so a modified syslogd-like using such
a function can have a trusty information on who sent the log line and
accept or not to proceed it.
Do you think it is worthwile ? (Or maybe there is already some way for a
process A to receive messages from other processes and at the same time
have trusty information on who is sending them ?)
Thank you,
Pablo Saratxaga
----- Forwarded message from Chmouel Boudjnah <chmouel@mandrakesoft.com> -----
To: future@linux-mandrake.com
Subject: Re: [Future] Bug in sysklogd package - big bug
X-No-Archive: yes
From: Chmouel Boudjnah <chmouel@mandrakesoft.com>
Organisation: Linux-Mandrake
Date: 25 Oct 1999 15:07:53 +0200
In-Reply-To: Pablo Saratxaga's message of "Mon, 25 Oct 1999 14:47:07 +0200"
User-Agent: Gnus/5.070096 (Pterodactyl Gnus v0.96) XEmacs/21.1 (Arches)
Reply-To: future@linux-mandrake.com
X-Loop: future@linux-mandrake.com
X-Sequence: 108
Precedence: list
Pablo Saratxaga <pablo@mandrakesoft.com> writes:
> Can a single program send directly to a remote syslogd ?
> Doesn't it need to use the local syslogd as proxy ?
>
> Anyway, the problem is to decide to change everthing or not.
> I think maybe the best place to push that will be on the GNU libc;
> if the people doing the libc ca be convinced to add a special function that
> receives a string and checks the pid/gid/uid/egid/euid and pass that data;
> then a standard can be agreed on a more secure log facility.
> That checking can only be done at a very low level, libc or even maybe
> the kernel; that can't be done by the logger itself as it is a separate
> process.
> When I discussed that topic back in 1997 the situation was a bit different of
> what it is now; now the free software has enough momentum to, if a new
> standard is set, make the commercial vendors follow. (also maybe there
> is a major concern on security issues ?)
mail -s "suggestions for glibc" glibc-linux@ricardo.ecn.wfu.edu << this_article
--
MandrakeSoft http://www.mandrakesoft.com/
--Chmouel
----- End forwarded message -----
--
Ki ça vos våye bén,
Pablo Saratxaga
http://www.ping.be/~pin19314/ PGP Key available, key ID: 0x8F0E4975