Subject: Re: /var/run/log
To: None <email@example.com>
From: Luke Mewburn <firstname.lastname@example.org>
Date: 02/12/2001 05:54:41
On Sun, Feb 11, 2001 at 07:48:49PM +0100, email@example.com wrote:
> > So create yourself a syslog group, change the permissions on /var/log,
> > and put all the appropriate users (root, www, named, uucp, ...) into the
> > group.
> already done :)
> > As I said, tedious work, and doesn't necessarily solve the problem. If a
> > local user wants to cause a denial of service against your machine
> > there are *many* ways in which they can do it.
> what if he have quotas on disk and CPU and process count???
As I said, there are many ways of causing a local DoS, and it can be
extremely non-trivial to tighten up a general-user UNIX box to prevent
As someone who spent a few years running large multi-user UNIX boxes
for a large Computer Science department (with students who always find
ways to avoid doing assignments), it is not an easy task to make a
UNIX box resilient to various denial of service attacks by hostile local