Bug 574

Summary: Default syslogd behavior of not binding udp/514 isn't true
Product: [Retired] Red Hat Linux Reporter: beldridg
Component: sysklogdAssignee: David Lawrence <dkl>
Status: CLOSED NOTABUG QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 5.0CC: beldridg
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 1999-01-12 23:42:18 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description beldridg 1998-12-23 17:27:28 UTC 
According to the man page for syslogd,

"The default behavior is that syslogd won't listen to the
network."

Yet, check this out:

[root@gateway init.d]# uname -a
Linux gateway.home.com 2.0.36 #6 Mon Nov 23 13:16:03 PST
1998 i586 unknown
[root@gateway init.d]# cat /etc/issue

Red Hat Linux release 5.0 (Hurricane)
Kernel 2.0.36 on an i586

[root@gateway init.d]# lsof -i -P |grep 514
[root@gateway init.d]# syslogd -v
syslogd 1.3-3
[root@gateway init.d]# rpm -qf `which syslogd`
sysklogd-1.3-25                        (Note: upgraded to
latest RPM)
[root@gateway init.d]# syslogd         (Note: no -r flag
given)
[root@gateway init.d]# lsof -i -P |grep 514
syslogd 4880 root    1u  inet 0x010de810        0t0   UDP
*:514
[root@gateway init.d]# ./syslog stop
Shutting down system loggers: syslogd
[root@gateway init.d]# lsof -i -P |grep 514
[root@gateway init.d]#


Looks like a bug. What do you think?
Comment 1 David Lawrence 1999-01-12 23:42:59 UTC 
This is not a bug. Syslogd opens the port when it first starts but it
is not listening to the port. Therefore it is not a security concern.

syslogd   231 root    1u  inet 0x03636810        0t0  UDP *:514