aboutsummaryrefslogtreecommitdiff
path: root/usr.sbin
diff options
context:
space:
mode:
authorGleb Smirnoff <glebius@FreeBSD.org>2004-11-04 23:09:57 +0000
committerGleb Smirnoff <glebius@FreeBSD.org>2004-11-04 23:09:57 +0000
commit240d5a9b1ce76f04a7c7e15791557763b2f1fd7e (patch)
tree13d68b1840b739aaaa64351fb83f58c68c26472e /usr.sbin
parent247444670ef3b61c7bdb3fbb34b88c4a26c71aba (diff)
downloadsrc-240d5a9b1ce76f04a7c7e15791557763b2f1fd7e.tar.gz
src-240d5a9b1ce76f04a7c7e15791557763b2f1fd7e.zip
Protect against local flooder of /var/run/log. Do not loop forever in
syslog(3) if we are a priveleged program (sshd, su, etc.). - Make syslogd open an additional socket /var/run/logpriv, with 0600 permissions. - In libc, try to use this socket. - Do not loop forever if we are using this socket (partial backout of 1.31) Reviewed by: dwmalone, Andrea Campi <andrea webcom it> Approved by: julian (mentor) MFC after: 1 month
Notes
Notes: svn path=/head/; revision=137233
Diffstat (limited to 'usr.sbin')
-rw-r--r--usr.sbin/syslogd/syslogd.89
-rw-r--r--usr.sbin/syslogd/syslogd.c10
2 files changed, 14 insertions, 5 deletions
diff --git a/usr.sbin/syslogd/syslogd.8 b/usr.sbin/syslogd/syslogd.8
index 2e276bd74dc6..5514fd5103f5 100644
--- a/usr.sbin/syslogd/syslogd.8
+++ b/usr.sbin/syslogd/syslogd.8
@@ -250,8 +250,10 @@ The
.Nm
utility reads messages from the
.Ux
-domain socket
-.Pa /var/run/log ,
+domain sockets
+.Pa /var/run/log
+and
+.Pa /var/run/logpriv ,
from an Internet domain socket specified in
.Pa /etc/services ,
and from the special device
@@ -293,6 +295,9 @@ default process ID file
name of the
.Ux
domain datagram log socket
+.It Pa /var/run/logpriv
+.Ux
+socket for priveleged applications
.It Pa /dev/klog
kernel log device
.El
diff --git a/usr.sbin/syslogd/syslogd.c b/usr.sbin/syslogd/syslogd.c
index 38480eedfbac..ed266d45e017 100644
--- a/usr.sbin/syslogd/syslogd.c
+++ b/usr.sbin/syslogd/syslogd.c
@@ -129,6 +129,8 @@ const char ctty[] = _PATH_CONSOLE;
/*
* Unix sockets.
+ * We have two default sockets, one with 666 permissions,
+ * and one for priveleged programs
*/
struct funix {
int s;
@@ -136,11 +138,13 @@ struct funix {
mode_t mode;
STAILQ_ENTRY(funix) next;
};
-struct funix funix_default = { -1, _PATH_LOG, DEFFILEMODE,
+struct funix funix_secure = { -1, _PATH_LOG_PRIV, S_IRUSR | S_IWUSR,
{ NULL } };
+struct funix funix_default = { -1, _PATH_LOG, DEFFILEMODE,
+ { &funix_secure } };
STAILQ_HEAD(, funix) funixes = { &funix_default,
- &(funix_default.next.stqe_next) };
+ &(funix_secure.next.stqe_next) };
/*
* Flags to logmsg().
@@ -504,7 +508,7 @@ main(int argc, char *argv[])
"cannot create %s", fx->name);
logerror(line);
dprintf("cannot create %s (%d)\n", fx->name, errno);
- if (fx == &funix_default)
+ if (fx == &funix_default || fx == &funix_secure)
die(0);
else
STAILQ_REMOVE(&funixes, fx, funix, next);
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-25 02:42:09 +0000