Matt Zimmerman wrote:
On Sat, Apr 16, 2005 at 05:29:19AM -0500, FX wrote:
package: syslog-ng severity: important tags: security
Log messages are getting dropped during HUP. This could allow certain forms of attacks to perform activities without getting logged.
How long does syslog-ng take to process the HUP? It seems unlikely that this could be successfully abused to hide an attack.
Matt,
I have more info about this now. It seems this log-dropping bug, among others, is already fixed upstream in syslog-ng 1.6.6 (1.6.7 is also available). The changelog entry for 1.6.6 suggests a 1-second impact for this bug (not sure if that is a constant time or dependent on cpu speed).
Best regards
-- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
