This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [PATCH roland/libc_fatal-no-syslog] Do not call syslog in __libc_message.

From: Russ Allbery <rra at stanford dot edu>
To: "GNU C. Library" <libc-alpha at sourceware dot org>
Date: Wed, 20 Mar 2013 15:24:33 -0700
Subject: Re: [PATCH roland/libc_fatal-no-syslog] Do not call syslog in __libc_message.
References: <20130320215737 dot 556EA2C077 at topped-with-meat dot com>

Roland McGrath <roland@hack.frob.com> writes:

> Other solutions exist for catching crashes in daemons and such.
> This arcane crutch in libc is not the way to solve that problem.

> Any objections?

I cannot tell you how many security compromises I've seen people catch by
noticing sshd or similar segfaults reported in syslog because attackers
are either probing for vulnerabilities or running broken code.  It's hard
to argue with your basic logic, but we've found these notices in syslog
surprisingly valuable for discovering unexpected and unknown security
issues.

-- 
Russ Allbery (rra@stanford.edu)             <http://www.eyrie.org/~eagle/>

Follow-Ups:
- Re: [PATCH roland/libc_fatal-no-syslog] Do not call syslog in __libc_message.
  - From: Roland McGrath

References:
- [PATCH roland/libc_fatal-no-syslog] Do not call syslog in __libc_message.
  - From: Roland McGrath

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]