Vulnerability Development: Re: Possible syslogd DoS ?

Re: Possible syslogd DoS ?

From: Robert van der Meulen <rvdm_at_wiretrip.org>
Date: Thu, 4 Oct 2001 17:43:59 +0200

Quoting Pavel Kankovsky (peak_at_argo.troja.mff.cuni.cz):
> 2. implement a method allowing syslogd to identify a subject sending
> messages and...
> 2a. make syslogd record that information (making syslog
> spamming accountable and punishable)
> 2b. implement some kind of quotas in syslogd using
> this information
This doesn't fill up the hard disk, but creates a DoS attack against syslog
(which was already present); so this only fixes the problem for people who
have their logs on partitions that shouldn't fill up.

There are a couple of problems that need to be solved:
- Everyone can fill up a partition by logging things to syslog
- Syslog can't log anymore when the partition where the log resides gets
  full

IMHO, the second problem can't be solved; disk space is always finite.
Rotating is not an option, cyclic logging is not an option - Bad Luck.
So what does need fixing is the
'everyone-can-fill-up-the-logfile-partition' problem, for which I think the
'sysloggers' group method sounds like a good solution.

Greets,
        Robert

-- 
			      Linux Generation
   encrypted mail preferred. finger rvdm_at_debian.org for my GnuPG/PGP key.
		 "well you should probably thank me anyway, 
	    those disks needed a major clean up :)"   -- Cracker 
Received on Oct 04 2001