> >What about a dual-pronged approach? The first being updating Anaconda to > >support the syslog API, the second being to provide a 'logger' command in > >bootstrap that can be called by kickstart itself, like the one used on > >FBSD, > >like this: > > > > logger -t kickstart -p local7.warn @loghost \ > > "Could not find /install/foobar.rpm to install!" > > > >or something like that. > > I do not see the '@loghost' option in the man page of the > util-linux-2.12a-16 derived 'logger', nor does it work > locally. > > Interesting concept to be able to specify the syslog server > directly in an end user accessible command -- remote DoS > attack vectors spring unbidden to mind. > This is a vulnerability with any syslog server, or in fact, any server connected to a network that syslogs network requests. I could just as easily DoS the system by attacking another service. Syslogd should be defensive in anticipation of this, and indeed, on the three systems I justed checked (FreeBSD, IRIX, and Linux), all have a switch that can be used to disable logging of remotely submitted syslog messages. In the case of systems not directly connected to hostile networks, this scenario is more of a minor nuisance than a major security vulnerability. Klaus
