Bug 185279 - Security enhancement, suggested
Summary: Security enhancement, suggested
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: sysklogd
Version: 4.0
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
: ---
Assignee: Peter Vrabec
QA Contact: Brian Brock
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2006-03-13 07:32 UTC by Kevin Verma
Modified: 2007-11-30 22:07 UTC (History)
0 users

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Clone Of:
Environment:
Last Closed: 2006-11-14 12:38:09 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)

Description Kevin Verma 2006-03-13 07:32:11 UTC 
Description of problem:
When sysklogd started to except logs from remost hosts, it blindly starts
expecting logs from any host and any network interface, it is desirable if that
can be contained to particular interfaces and hosts. An interim solution could
be a listen or interface directive/option.

Version-Release number of selected component (if applicable):
all
Comment 1 Kevin Verma 2006-10-29 07:13:02 UTC 
s/except/accept
s/expecting/accepting

PS: I am not sure if I was my mind was wandering somewhere else while I filed 
this bug finally. Sorry for the pain you must have had gone through to
understand the exact enhancement I suggested and thanks for having this assigned.
Comment 2 Peter Vrabec 2006-11-14 12:38:09 UTC 
I'm sorry, but "$man syslog" claims that you have to implement kernel 
firewalling to limit which hosts or networks have access to the 514/UDP 
socket.
Note You need to log in before you can comment on or make changes to this bug.