[Bug 695240] Re: $AllowedSender directive is ignored
Simon Déziel
695240 at bugs.launchpad.net
Sat May 25 20:17:25 UTC 2013
Sorry for the noise, I just retested with RELP and indeed
$AllowedSender doesn't restrict it. The code only allows restricting
UDP, TCP and GSS connections:

http://git.adiscon.com/?p=rsyslog.git;a=blob;f=runtime/net.c;h=b291213e4ae6caee8b197b40d86ca5ff860b9536;hb=HEAD#l89

--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to rsyslog in Ubuntu.
https://bugs.launchpad.net/bugs/695240

Title:
  $AllowedSender directive is ignored

Status in “rsyslog” package in Ubuntu:
  Fix Released

Bug description:
  Binary package hint: rsyslog

  Even though I have

    $AllowedSender TCP, 128.59.145.208, 128.59.147.205, 128.59.147.192, 128.59.144.145

  in /etc/rsyslog.conf, rsyslog happily accepts relp messages from
  128.59.146.167.

  The changelog mentions

    rsyslog (3.18.6-1) unstable; urgency=high

      * New upstream bugfix release.
        - Fix "$AllowedSender" security bypass vulnerability. The "$AllowedSender"
          configuration directive was not respected, allowing unrestricted network
          access to the application. Closes: #508027
          No CVE id yet.

  So this looks like a regression.

  ProblemType: Bug
  DistroRelease: Ubuntu 10.04
  Package: rsyslog 4.2.0-2ubuntu8.1
  ProcVersionSignature: Ubuntu 2.6.32-27.49-server 2.6.32.26+drm33.12
  Uname: Linux 2.6.32-27-server x86_64
  Architecture: amd64
  Date: Tue Dec 28 21:35:13 2010
  ProcEnviron:
   PATH=(custom, user)
   LANG=en_US.UTF-8
   SHELL=/bin/bash
  SourcePackage: rsyslog

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/695240/+subscriptions
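
Added example, not part of the original bug notification or of rsyslog's own code: a small audit of a legacy-format rsyslog.conf that reports listeners which $AllowedSender does not cover, based on the statement above that only UDP, TCP and GSS connections can be restricted. The sample configuration is constructed; its $AllowedSender line is the one from the bug description, while the module lines, listener lines and port numbers are assumptions.

```python
# Sender classes $AllowedSender can restrict, per the comment in this thread.
COVERED = {"UDP", "TCP", "GSS"}

# Legacy listener directives -> sender class (None: no class exists for it).
LISTENERS = {
    "$udpserverrun": "UDP",
    "$inputtcpserverrun": "TCP",
    "$inputrelpserverrun": None,
}

# Constructed sample: the $AllowedSender line comes from the bug report;
# the $ModLoad and listener lines (and their ports) are assumed.
SAMPLE_CONF = """\
$ModLoad imtcp
$ModLoad imrelp
$AllowedSender TCP, 128.59.145.208, 128.59.147.205, 128.59.147.192, 128.59.144.145
$InputTCPServerRun 514
$InputRELPServerRun 2514
"""

def audit(conf_text):
    """Return (allowed, findings) for a legacy-format rsyslog.conf string."""
    allowed, listeners, findings = {}, [], []
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line.startswith("$"):
            continue  # comments, rules and blank lines are not directives
        fields = line.split(None, 1)
        name, rest = fields[0], fields[1] if len(fields) > 1 else ""
        key = name.lower()  # this audit matches directive names leniently
        if key == "$allowedsender":
            parts = [p.strip() for p in rest.split(",") if p.strip()]
            if parts:
                allowed.setdefault(parts[0].upper(), []).extend(parts[1:])
        elif key in LISTENERS:
            listeners.append((name, rest.strip(), LISTENERS[key]))
    for cls in allowed:
        if cls not in COVERED:
            findings.append(f"$AllowedSender {cls}: not a class it can restrict")
    for name, port, cls in listeners:
        if cls is None:
            findings.append(f"{name} {port}: not restricted by $AllowedSender")
        elif cls not in allowed:
            findings.append(f"{name} {port}: no $AllowedSender entry for {cls}")
    return allowed, findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONF)[1]:
        print(finding)
```
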