Re: chrooted Postfix and Syslog

From: Martin Schmitt (no email)
Date: Thu Sep 22 2005 - 09:05:44 EDT

  • Next message: Ralf Hildebrandt: "Re: Effective RHSBLs?"

    Wietse Venema schrieb:

    > openlog(2) is called before chroot(2).

    Simple explanation. Thanks Wietse!

    Now, on to the next level:

    Since the chrooted Postfix subsystems talk to the system's syslogd
    (through the additional socket and with openlog before chroot as well),
    I'm completely certain that I'm going to be asked by $CLIENT what
    happens if someone tries to exploit a hole in syslogd to take over the
    system.

    So far, I have only chrooted daemons that log to a local file. With
    Postfix, I'm forced to use syslog, which has always been perfectly fine
    for me, but leaves me with questions about syslogd's security in this
    paranoid environment.

    Can anybody on the list offer some words of comfort regarding the
    security of syslogging?

    Thanks,

    -martin

    -- 
    +-------------------------+------------------------+
    | Martin Schmitt          | Schmitt Systemberatung |
    | http://www.scsy.de/~mas | http://www.scsy.de     |
    +-------------------------+------------------------+
    
    



  • Next message: Ralf Hildebrandt: "Re: Effective RHSBLs?"





    Hosted Email Solutions

    Invaluement Anti-Spam DNSBLs



    Powered By FreeBSD   Powered By FreeBSD