[Bug 643] klogd logs message tagged with user.xxx

bugzilla at busybox.net bugzilla at busybox.net
Mon Dec 14 12:27:36 UTC 2009


https://bugs.busybox.net/show_bug.cgi?id=643





--- Comment #8 from Denys Vlasenko <vda.linux at googlemail.com>  2009-12-14 12:27:33 UTC ---
(In reply to comment #6)
> it is not a bug in glibc and neither in uclibc, although at first glance it
> really looks as if it were.
> 
> if you look at the man page of openlog:
> 
>   LOG_KERN       kernel messages (these can't be generated from user processes)

...but there is no way to prevent it. Any process can open a socket to
"/dev/log" and write a string "<0>This is a load of bull" there. Voila, a
LOG_KERN + LOG_EMERG message is logged! Run for your lives...

> it is intended that it does not work as easy as openlog(... LOG_KERN).

Making openlog(xx,xx,LOG_KERN) intentionally broken does not help one iota in
preventing this sort of "attack". It *ONLY* makes writing legitimate code
harder.

> I could not figure out why but the klogd daemon from the buildroot sysklogd
> package works correctly with exactly the same glibc. so there are ways how to
> do it.

Because it has its own (old and a bit broken) implementation of openlog() and
syslog().
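
Added example, not part of the original comment and not BusyBox code: one receiver-side way to handle the "<0>" prefix described above is to decode the PRI and keep facility kern only for records the daemon itself read from the kernel. The names `msg_source`, `parse_pri` and `effective_pri` are hypothetical, and the user.notice default for a missing PRI is taken from RFC 3164.

```c
#include <ctype.h>
#include <stdio.h>
#include <syslog.h>   /* LOG_KERN, LOG_USER, LOG_FACMASK, LOG_PRIMASK, ... */
#define MAX_PRI 191   /* facility 23, severity 7: highest PRI in RFC 3164 */

/* Hypothetical tag: which input the daemon read the record from. */
enum msg_source { SRC_KERNEL, SRC_DEV_LOG };

/* Parse a leading "<N>" PRI. Returns the text after '>' and stores N in
 * *pri, or returns NULL if the prefix is missing or malformed. */
static const char *parse_pri(const char *msg, int *pri)
{
    const char *p = msg + 1;
    int v = 0;
    if (msg[0] != '<' || !isdigit((unsigned char)*p))
        return NULL;
    for (; isdigit((unsigned char)*p); p++) {
        v = v * 10 + (*p - '0');
        if (v > MAX_PRI)
            return NULL;
    }
    if (*p != '>')
        return NULL;
    *pri = v;
    return p + 1;
}

/* PRI to record: facility kern is kept only for records read from the
 * kernel; from /dev/log it is re-tagged as user, severity unchanged.
 * Records without a valid PRI get user.notice (13, the RFC 3164 default). */
static int effective_pri(const char *msg, enum msg_source src, const char **text)
{
    int pri;
    const char *rest = parse_pri(msg, &pri);
    *text = rest ? rest : msg;
    if (!rest)
        return LOG_USER | LOG_NOTICE;
    if (src != SRC_KERNEL && (pri & LOG_FACMASK) == LOG_KERN)
        pri = LOG_USER | (pri & LOG_PRIMASK);
    return pri;
}

int main(void)
{
    const char *text;   /* the sample record below is constructed */
    int pri = effective_pri("<0>This is a load of bull", SRC_DEV_LOG, &text);
    printf("facility=%d severity=%d text=%s\n", LOG_FAC(pri), LOG_PRI(pri), text);
    return 0;
}
```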

