If you look in /etc/newsyslog.conf, /var/log/messages gets trimmed once it
reaches a certain size. By default, this is 30K. 

The first rule of Fight Club is You Do Not Talk About Fight Club.

// Erik Huizing   huizing@cpsc.ucalgary.ca
// www.cpsc.ucalgary.ca/~huizing

On Sun, 11 Feb 2001 wojtek@wojtek.from.pl wrote:

> > On Sun, Feb 11, 2001 at 11:09:22AM +0100, wojtek@wojtek.from.pl wrote:
> > > why it have 666 permissions - it allows everybody to log anything and with
> > > -t option it could look like anything else (for eg. kernel messages)
> > 
> > How else do you allow arbitrary programs that don't run as root to log to
> > syslog unless it's world writable?  Creating a special `syslog' group and
> > putting all the appropriate users in seems tedious to me.
> i was doing this on linux and i'm suprised the same on netbsd is possible,
> > 
> > If you check usr.sbin/syslogd/syslogd.c::printline(), you'll see:
> > 	/* don't allow users to log kernel messages */
> > 	if (LOG_FAC(pri) == LOG_KERN)
> > 		pri = LOG_MAKEPRI(LOG_USER, LOG_PRI(pri));
> what about:
> 
> a) logger -t su "wojtek to root on /dev/ttyp7"
> add -p to select the same logfile that normal su does (i have 1 logfile
> for everything)
> 
> b) while true;do echo zzzzzzzzzzzzzzzzzzzzzzzzzzzzz|logger ;done
> 
> and pollute logfiles
> 
>