Enforce 'secure_mode 1' in default syslog.conf file
This disables the "unauthenticated remote disk-filling service" by default. A user can easily change this to 0 (or 2) to allow other systems to log to their syslogd. Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
This commit is contained in:
Joachim Wiberg
@@ -66,6 +66,14 @@ mail.err /var/log/mail.err
|
||||
#
|
||||
#*.alert root,joey
|
||||
|
||||
#
|
||||
# Secure mode, same as -s, none(0), on(1), full(2). When enabled
|
||||
# only logging to remote syslog server possible, with full secure
|
||||
# mode, not even that is possible. We default to prevent syslogd
|
||||
# from opening UDP/514 and receving messages from other systems.
|
||||
#
|
||||
secure_mode 1
|
||||
|
||||
#
|
||||
# Include all config files in /etc/syslog.d/
|
||||
#
|
||||
|
||||
Reference in New Issue
Block a user