Debian bug report logs - #1739
syslog is uncommented in /etc/services by default

Package: netbase; Reported by: Ian Jackson; Done: "Peter Tobias".

-----------------------------------------------------------------------

Message received at debian-bugs:

From olis.north.de!indrom!joey Tue Oct 24 22:48:01 1995
Return-Path:
Received: from pixar.com by mongo.pixar.com with smtp (Smail3.1.28.1 #15) id m0t7ygy-0005MAC; Tue, 24 Oct 95 22:48 PDT
Received: from gimli.Informatik.Uni-Oldenburg.DE by pixar.com with SMTP id AA00407 (5.67b/IDA-1.5 for debian-bugs-pipe@mongo.pixar.com); Tue, 24 Oct 1995 22:47:34 -0700
Received: by gimli.Informatik.Uni-Oldenburg.DE (Smail3.1.22.1) id ; Wed, 25 Oct 95 06:24 CET
Received: by olis.north.de (/\==/\ Smail3.1.28.1 #28.13) id ; Wed, 25 Oct 95 06:12 MEZ
Received: at Infodrom Oldenburg (/\##/\ Smail3.1.29.1 #29.10 Joey) by finlandia.Infodrom.North.DE from joey (Martin Schulze) id m0t7rVu-000KDxC; Tue, 24 Oct 95 23:08 MET
Message-Id:
From: joey@finlandia.Infodrom.North.DE (Martin Schulze)
Subject: Re: Bug#1739: syslog is uncommented in /etc/services by default
To: ian@chiark.chu.cam.ac.uk
Date: Tue, 24 Oct 1995 23:08:05 +0100 (MET)
Cc: debian-bugs@Pixar.com
In-Reply-To: from "Ian Jackson" at Oct 23, 95 10:29:00 pm
X-Href: http://home.pages.de/~joey/
X-Mailer: ELM [version 2.4 PL23]
Content-Type: text
Content-Length: 2343

Hello Ian Jackson!

}Peter Tobias asks me in email:
}> Ian Jackson wrote:
}> > Package: netbase
}> > Version: 1.19-1
}> >
}> > I've now tracked down what it is that keeps reenabling my syslog's
}> > network listening: the netbase package's /etc/services file has syslog
}> > uncommented.
}> >
}> > Commenting out the /etc/services entry is of course a very nasty way
}> > of nixing syslog's usually-undesirable network listening feature, but
}> > we should leave things that way until the syslog package is improved.
}>
}> Why do you think it's a bug in the netbase package? This feature (and
}> the syslog entry in /etc/services) is enabled on the systems that
}> support it (at least on those I have access to). And I see no problem
}> having it enabled by default. Anyway, it shouldn't be "fixed" by
}> commenting out the syslog service in /etc/services. It should be fixed
}> in the syslogd package.
}
}It's a security problem, because it allows any machine anywhere on the
}Internet to make your machine completely unusable very easily. syslog
}writes its logfiles to disk synchronously, and the logs can fill up
}the disk too.

Yes. We (the sysklogd developers) found this problem a long time ago.
Future releases will have a switch (-r) that has to be set if any
message should be received from remote. Otherwise the syslogd won't
open the socket for reading. This to look in the future...

}Most people do not need or want the remote logging feature.

That's correct.

}It should therefore be disabled by default.

ditto

}I agree that it shouldn't be fixed by commenting out the syslog entry
}in /etc/services, but that seems to be the only avenue open at the
}moment. Please keep the entry commented out until the syslog package
}is fixed.

I have one more comment to make. What do you think about an
explanatory text when installing the sysklogd package? This could be
done in my postinst script (if I'm not mistaken).

Regards,

Joey

--
/ Martin Schulze * joey@infodrom.north.de * 26129 Oldenburg /
/ +49-441-777884 * Login&Passwd: nuucp * Index: ~/ls-lR.gz /
/ =?iso-8859-1?q?kristian_k=f6hntopp@cyberbox.north.de /
/ caused by broken gateway software on the CyberBox /
----------------------------------------------------------------
30.10.95: Oldenburg Linux regulars' meetup, from 8 pm at DaCapo

-----------------------------------------------------------------------

Acknowledgement sent to joey@finlandia.Infodrom.North.DE (Martin Schulze):
Extra info received and forwarded. Full text available.

-----------------------------------------------------------------------

Information forwarded to debian-devel@pixar.com:
Bug#1739; Package netbase. Full text available.

-----------------------------------------------------------------------

Message received at debian-bugs-done:

From server.et-inf.fho-emden.de!tobias Tue Oct 24 17:55:19 1995
Return-Path:
Received: from pixar.com by mongo.pixar.com with smtp (Smail3.1.28.1 #15) id m0t7u7i-000BvxC; Tue, 24 Oct 95 17:55 PDT
Received: from server.et-inf.fho-emden.de by pixar.com with SMTP id AA13423 (5.67b/IDA-1.5 for debian-bugs-done-pipe@mongo.pixar.com); Tue, 24 Oct 1995 17:54:49 -0700
Received: by server.et-inf.fho-emden.de (5.65/DEC-Ultrix/4.3) id AA25726; Wed, 25 Oct 1995 01:45:07 +0100
Message-Id: <9510250045.AA25726@server.et-inf.fho-emden.de>
Subject: Re: Bug#1739: syslog is uncommented in /etc/services by default
To: ian@chiark.chu.cam.ac.uk
Date: Wed, 25 Oct 1995 01:45:06 +0100 (MET)
From: "Peter Tobias"
Cc: debian-bugs-done@pixar.com
Reply-To: tobias@et-inf.fho-emden.de
In-Reply-To: from "Ian Jackson" at Oct 23, 95 12:54:00 pm
X-Mailer: ELM [version 2.4 PL23]
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 8bit
Content-Length: 714

Ian Jackson wrote:
> Package: netbase
> Version: 1.19-1
>
> I've now tracked down what it is that keeps reenabling my syslog's
> network listening: the netbase package's /etc/services file has syslog
> uncommented.
>
> Commenting out the /etc/services entry is of course a very nasty way
> of nixing syslog's usually-undesirable network listening feature, but
> we should leave things that way until the syslog package is improved.

Fixed (see netbase-1.20-1).

Peter

--
Peter Tobias                                EMail:
Fachhochschule Ostfriesland                 tobias@et-inf.fho-emden.de
Fachbereich Elektrotechnik und Informatik   tobias@perseus.fho-emden.de
Constantiaplatz 4, 26723 Emden, Germany

-----------------------------------------------------------------------

Notification sent to Ian Jackson:
Bug acknowledged by developer. Full text available.

-----------------------------------------------------------------------

Reply sent to tobias@et-inf.fho-emden.de:
You have taken responsibility. Full text available.

-----------------------------------------------------------------------

Message received at debian-bugs:

From chiark.chu.cam.ac.uk!ian Mon Oct 23 15:29:37 1995
Return-Path:
Received: from pixar.com by mongo.pixar.com with smtp (Smail3.1.28.1 #15) id m0t7VNB-000C0GC; Mon, 23 Oct 95 15:29 PDT
Received: from artemis.chu.cam.ac.uk by pixar.com with SMTP id AA24072 (5.67b/IDA-1.5 for debian-bugs-pipe@mongo.pixar.com); Mon, 23 Oct 1995 15:29:11 -0700
Received: from chiark.chu.cam.ac.uk by artemis.chu.cam.ac.uk with smtp (Smail3.1.29.1 #33) id m0t7VN3-0007uaC; Mon, 23 Oct 95 22:29 GMT
Received: by chiark.chu.cam.ac.uk id m0t7VMm-0002b4C (Debian /\oo/\ Smail3.1.29.1 #29.33); Mon, 23 Oct 95 22:29 GMT
Message-Id:
Date: Mon, 23 Oct 95 22:29 GMT
From: Ian Jackson
To: Debian bugs submission address
Subject: Re: Bug#1739: syslog is uncommented in /etc/services by default
In-Reply-To: <9510231401.AA01409@server.et-inf.fho-emden.de>
References: <9510231401.AA01409@server.et-inf.fho-emden.de>

Peter Tobias asks me in email:
> Ian Jackson wrote:
> > Package: netbase
> > Version: 1.19-1
> >
> > I've now tracked down what it is that keeps reenabling my syslog's
> > network listening: the netbase package's /etc/services file has syslog
> > uncommented.
> >
> > Commenting out the /etc/services entry is of course a very nasty way
> > of nixing syslog's usually-undesirable network listening feature, but
> > we should leave things that way until the syslog package is improved.
>
> Why do you think it's a bug in the netbase package? This feature (and
> the syslog entry in /etc/services) is enabled on the systems that
> support it (at least on those I have access to). And I see no problem
> having it enabled by default. Anyway, it shouldn't be "fixed" by
> commenting out the syslog service in /etc/services. It should be fixed
> in the syslogd package.

It's a security problem, because it allows any machine anywhere on the
Internet to make your machine completely unusable very easily. syslog
writes its logfiles to disk synchronously, and the logs can fill up
the disk too.

Most people do not need or want the remote logging feature.

It should therefore be disabled by default.

I agree that it shouldn't be fixed by commenting out the syslog entry
in /etc/services, but that seems to be the only avenue open at the
moment. Please keep the entry commented out until the syslog package
is fixed.

Ian.

-----------------------------------------------------------------------

Acknowledgement sent to Ian Jackson:
Extra info received and forwarded. Full text available.

-----------------------------------------------------------------------

Information forwarded to debian-devel@pixar.com:
Bug#1739; Package netbase. Full text available.

-----------------------------------------------------------------------

Message received at debian-bugs:

From chiark.chu.cam.ac.uk!ian Mon Oct 23 05:55:26 1995
Return-Path:
Received: from pixar.com by mongo.pixar.com with smtp (Smail3.1.28.1 #15) id m0t7MPW-000Bz5C; Mon, 23 Oct 95 05:55 PDT
Received: from artemis.chu.cam.ac.uk by pixar.com with SMTP id AA22404 (5.67b/IDA-1.5 for debian-bugs-pipe@mongo.pixar.com); Mon, 23 Oct 1995 05:54:54 -0700
Received: from chiark.chu.cam.ac.uk by artemis.chu.cam.ac.uk with smtp (Smail3.1.29.1 #33) id m0t7MOz-0007uaC; Mon, 23 Oct 95 12:54 GMT
Received: by chiark.chu.cam.ac.uk id m0t7MOr-0002b7C (Debian /\oo/\ Smail3.1.29.1 #29.33); Mon, 23 Oct 95 12:54 GMT
Message-Id:
Date: Mon, 23 Oct 95 12:54 GMT
From: Ian Jackson
To: Debian bugs submission address
Subject: syslog is uncommented in /etc/services by default

Package: netbase
Version: 1.19-1

I've now tracked down what it is that keeps reenabling my syslog's
network listening: the netbase package's /etc/services file has syslog
uncommented.

Commenting out the /etc/services entry is of course a very nasty way
of nixing syslog's usually-undesirable network listening feature, but
we should leave things that way until the syslog package is improved.

Ian.

-----------------------------------------------------------------------

Acknowledgement sent to Ian Jackson:
New bug report received and forwarded. Full text available.

-----------------------------------------------------------------------

Report forwarded to debian-devel@pixar.com:
Bug#1739; Package netbase. Full text available.

-----------------------------------------------------------------------

Ian Jackson / iwj10@thor.cam.ac.uk, with the debian-bugs tracking mechanism

This page last modified 07:43:01 GMT Wed 01 Nov
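
The stop-gap discussed in this thread, as an added example (not code from netbase, sysklogd or any message above): a Python audit that parses /etc/services-format text, reports whether the syslog/udp entry is still active, and produces the commented-out form. The sample file content and all function names are constructed for illustration.

```python
import re

# Constructed sample in /etc/services format (not the netbase file itself).
SAMPLE = """\
# Network services, Internet style
smtp            25/tcp          mail
shell           514/tcp         cmd             # no passwords used
syslog          514/udp
#talk           517/udp
"""

# name, port/proto, optional aliases; a leading '#' or a trailing comment is ignored.
ENTRY = re.compile(r"^\s*(?P<name>[^\s#]+)\s+(?P<port>\d+)/(?P<proto>\w+)(?P<aliases>[^#]*)")

def active_entries(text):
    """Yield (lineno, name, port, proto, aliases) for every uncommented entry."""
    for lineno, line in enumerate(text.splitlines(), 1):
        m = ENTRY.match(line)
        if m:
            yield (lineno, m["name"], int(m["port"]),
                   m["proto"].lower(), m["aliases"].split())

def _matches(entry, name, proto):
    _, canonical, _, entry_proto, aliases = entry
    return entry_proto == proto and (canonical == name or name in aliases)

def service_enabled(text, name="syslog", proto="udp"):
    """True if a lookup of name/proto would succeed (canonical name or alias)."""
    return any(_matches(e, name, proto) for e in active_entries(text))

def comment_out(text, name="syslog", proto="udp"):
    """Return text with matching entries commented out; all other lines unchanged."""
    hits = {e[0] for e in active_entries(text) if _matches(e, name, proto)}
    lines = text.splitlines(keepends=True)
    return "".join("#" + line if i in hits else line
                   for i, line in enumerate(lines, 1))

if __name__ == "__main__":
    print("syslog/udp active before:", service_enabled(SAMPLE))
    print("syslog/udp active after: ", service_enabled(comment_out(SAMPLE)))
```

The match is on name and protocol rather than port number, so the `shell` entry on 514/tcp is left alone.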