This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [PATCH roland/libc_fatal-no-syslog] Do not call syslog in __libc_message.
- From: Russ Allbery <rra at stanford dot edu>
- To: "GNU C. Library" <libc-alpha at sourceware dot org>
- Date: Wed, 20 Mar 2013 15:24:33 -0700
- Subject: Re: [PATCH roland/libc_fatal-no-syslog] Do not call syslog in __libc_message.
- References: <20130320215737 dot 556EA2C077 at topped-with-meat dot com>
Roland McGrath <roland@hack.frob.com> writes:
> Other solutions exist for catching crashes in daemons and such.
> This arcane crutch in libc is not the way to solve that problem.
> Any objections?
I cannot tell you how many security compromises I've seen people catch by
noticing sshd or similar segfaults reported in syslog because attackers
are either probing for vulnerabilities or running broken code. It's hard
to argue with your basic logic, but we've found these notices in syslog
surprisingly valuable for discovering unexpected and unknown security
issues.
--
Russ Allbery (rra@stanford.edu) <http://www.eyrie.org/~eagle/>