Date: Fri, 16 Feb 2001 12:23:17 -0500
From: hal King <hck@UTK.EDU>
To: BUGTRAQ@SECURITYFOCUS.COM
Subject: ?? posible problem monitoring syslog ?? (from Sun patch 106439-07)
In a recent Sun patch (106439-07) the following text appears:
-----------------------------------------------------------------------
NOTE 3:
The fix for bug 4353901 fully allows forwarding of messages which
contain characters defined in the system default locale. Care should
be taken to ensure that each window displaying messages forwarded by
syslogd (especially console windows) is run in the system default locale
(which is syslogd's locale). If this advice is not followed, it may be
possible for for a syslog message to alter the terminal settings for
that window, possibly even allowing remote execution of arbitrary
commands from that window
-----------------------------------------------------------------------
I don't know how likley this might be, but I thought I'd send it along to see
if anyone could find a way that it might be a real problem. At least don't
use a term with root privs to monitor log files. Just to be safe.
--
hal king Unix System Group
pgp key http://web.utk.edu/~hck/hal.asc No hot dog, email.
