[Bug 166255] [net] [patch] It should be possible to disable "promiscuous mode enabled" messages

Eugene Grosbein eugen at grosbein.net
Thu May 26 16:07:08 UTC 2016


Moving this to net@ per request.

> https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=166255
>
> --- Comment #26 from Chris Hutchinson <portmaster at bsdforge.com> ---
> (In reply to eugen from comment #25)
>> Default system behaviour is not changed. Reboot is required to disable
>> logging after a change to loader.conf. So, no patching should be required to
>> stay safe.
>
> I understand that. I also agree with you that syslog(3) is not an
> ideal option, either. But as it stands, this new "switch" is still
> a security risk -- it opens a potential "backdoor", however unlikely
> some feel it might be. I'm just not sure that the need outweighs
> the risk. Is there /really/ no other possible solution? Must a
> decision on this be made right now? Or could more time be given,
> in hopes a better solution might be found?
>
> Lastly, I know status of this bug is essentially "closed",
> and I apologize for responding so late. I would have responded
> earlier. But I was sure a patch in this direction would have
> been rejected.

The PR and patch make it possible to not log "promisc. mode changed" messages.
In short, you insist that it should NOT be possible to disable those logs
in any way, right?

Eugene Grosbein




