This is the mail archive of the glibc-linux@ricardo.ecn.wfu.edu mailing list for the glibc project.



suggestions for glibc


Kaixo!


We have had a thread here on the problem of syslogd (it allows anyone
that can run a program to write arbitrary messages through it).
And I think the only real solution to it would be to have a low level
function (OS system call or libc function) that receives as argument
a string and returns to a given process that string but also info on the
calling process (pid,uid,gid,...) so a modified syslogd-like using such
a function can have a trusty information on who sent the log line and
accept or not to proceed it.

Do you think it is worthwhile? (Or maybe there is already some way for a
process A to receive messages from other processes and at the same time
have trusty information on who is sending them ?)

Thank you,
Pablo Saratxaga 

----- Forwarded message from Chmouel Boudjnah <chmouel@mandrakesoft.com> -----

To: future@linux-mandrake.com
Subject: Re: [Future] Bug in sysklogd package - big bug
X-No-Archive: yes
From: Chmouel Boudjnah <chmouel@mandrakesoft.com>
Organisation: Linux-Mandrake
Date: 25 Oct 1999 15:07:53 +0200
In-Reply-To: Pablo Saratxaga's message of "Mon, 25 Oct 1999 14:47:07 +0200"
User-Agent: Gnus/5.070096 (Pterodactyl Gnus v0.96) XEmacs/21.1 (Arches)
Reply-To: future@linux-mandrake.com
X-Loop: future@linux-mandrake.com
X-Sequence: 108
Precedence: list

Pablo Saratxaga <pablo@mandrakesoft.com> writes:

> Can a single program send directly to a remote syslogd ?
> Doesn't it need to use the local syslogd as proxy ?
> 
> Anyway, the problem is to decide to change everything or not.
> I think maybe the best place to push that will be on the GNU libc;
> if the people doing the libc can be convinced to add a special function that
> receives a string and checks the pid/gid/uid/egid/euid and pass that data;
> then a standard can be agreed on a more secure log facility.
> That checking can only be done at a very low level, libc or even maybe
> the kernel; that can't be done by the logger itself as it is a separate
> process.
> When I discussed that topic back in 1997 the situation was a bit different from
> what it is now; now the free software has enough momentum to, if a new
> standard is set, make the commercial vendors follow. (also maybe there
> is a major concern on security issues ?)

mail -s "suggestions for glibc" glibc-linux@ricardo.ecn.wfu.edu << this_article

-- 
MandrakeSoft          http://www.mandrakesoft.com/
			         	 --Chmouel

----- End forwarded message -----

-- 
Ki ça vos våye bén,
Pablo Saratxaga

http://www.ping.be/~pin19314/		PGP Key available, key ID: 0x8F0E4975
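
On Linux, Unix-domain sockets already provide the mechanism the message asks about (added example, not part of the original post): with `SO_PASSCRED` set on the receiving socket, the kernel attaches the sender's pid, uid and gid to each datagram as `SCM_CREDENTIALS` ancillary data. The socket pair, the `record_for` policy and the sample log line are constructed for illustration.

```python
import os
import socket
import struct

UCRED = struct.Struct("iII")  # Linux struct ucred: pid, uid, gid


def make_log_channel():
    """Return (daemon_end, client_end) of a local datagram socket pair."""
    daemon, client = socket.socketpair(socket.AF_UNIX, socket.SOCK_DGRAM)
    # Ask the kernel to attach the sender's credentials to every datagram.
    daemon.setsockopt(socket.SOL_SOCKET, socket.SO_PASSCRED, 1)
    return daemon, client


def receive_attributed(daemon):
    """Read one log line together with the kernel-supplied sender identity."""
    data, ancdata, _flags, _addr = daemon.recvmsg(
        4096, socket.CMSG_SPACE(UCRED.size))
    for level, ctype, cdata in ancdata:
        if level == socket.SOL_SOCKET and ctype == socket.SCM_CREDENTIALS:
            pid, uid, gid = UCRED.unpack(cdata[:UCRED.size])
            return data.decode(errors="replace"), pid, uid, gid
    raise PermissionError("datagram carried no credentials")


def record_for(line, pid, uid, gid, allowed_uids):
    """Hypothetical policy: drop lines from unlisted uids and tag the rest
    with the verified identity rather than whatever the text claims."""
    if uid not in allowed_uids:
        return None
    return f"[pid={pid} uid={uid} gid={gid}] {line}"


if __name__ == "__main__":
    daemon, client = make_log_channel()
    # Constructed sample: the text claims to come from sshd with pid 1.
    client.send(b"sshd[1]: session opened for user root")
    line, pid, uid, gid = receive_attributed(daemon)
    print(record_for(line, pid, uid, gid, allowed_uids={os.getuid()}))
    print(record_for(line, pid, uid, gid, allowed_uids=set()))
```

The identity comes from the kernel, not from the message text, so the receiving daemon can log or filter on it regardless of what program name and pid the line itself claims.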
