1 |
My guess is that the system logger that is in use is metalog and it is being used as the main flow control agent for the stdout. There is a way to turn it off so that you get it flushing to a file as it happens and not be cached. You may have to look up metalog to find out how to do it if this is indeed the case. I don't use metalog anymore so I don't remember how to do it. |
2 |
|
3 |
________________________________ |
4 |
|
5 |
From: Ned Ludd [mailto:solar@g.o] |
6 |
Sent: Wed 3/17/2004 13:05 |
7 |
To: Michael Atighetchi |
8 |
Cc: gentoo-hardened@l.g.o; gentoo-security@l.g.o |
9 |
Subject: Re: [gentoo-hardened] hardened-sources-2.6.x results. |
10 |
|
11 |
|
12 |
|
13 |
On Wed, 2004-03-17 at 13:44, Michael Atighetchi wrote: |
14 |
> On Wed, Mar 17, 2004 at 01:08:56PM -0500, Ned Ludd wrote: |
15 |
> > On Wed, 2004-03-17 at 12:46, Michael Atighetchi wrote: |
16 |
> > > On Mon, Mar 15, 2004 at 08:20:31PM -0500, Ned Ludd wrote: |
17 |
> > > > hardened-dev-sources-2.6 is available for "testing" |
18 |
> > > > |
19 |
> > > |
20 |
> > > <snip> |
21 |
> > > |
22 |
> > > > Oh wait one more thing.. If you really care about security you probably |
23 |
> > > > should stick with 2.4.x |
24 |
> > > > |
25 |
> > > |
26 |
> > > Could you explain more why you think 2.6 is "less" secure thatn 2.4 ? |
27 |
> > |
28 |
> > I'm not saying that 2.6.x is less secure in anyway. 2.6.x has been out |
29 |
> > all of what a few months? And the security patches even less time. So |
30 |
> > without proper security regression tests done for 2.6.x yet I'll stick |
31 |
> > with recommending that it not be used for production environments yet. |
32 |
> > 2.4.x on the other hand has been audited by many sets of eyes where |
33 |
> > 2.6.x has probably been reviewed by a few. |
34 |
> > |
35 |
> > Auditing and regression testing is welcome. |
36 |
> > |
37 |
> I see. We starting using a 2.4 gentoo linux distribution a couple of |
38 |
> months ago, and had good luck with it. However, we ran into install |
39 |
> difficulties with the 2.6 live cd, which were painfull but we worked |
40 |
> around them. |
41 |
> |
42 |
> However, we currently face an issue with stdout redirection. We start |
43 |
> our java processes via a .sh script and redirect stdout/stderr to a file via |
44 |
> > file.txt 2>&1 . By changing from 2.4 to 2.6 we noticed that |
45 |
> file.txt gets created when the .sh script starts up, up it does not |
46 |
> get any content for a while (about 6 minutes and about 100k of |
47 |
> log), after which the whole file shows up. It looks like a buffering |
48 |
> problem of sort. |
49 |
> |
50 |
> We are using |
51 |
> Linux dcaf 2.6.4-rc2-mm1 #2 Mon Mar 15 17:33:02 EST 2004 i686 Pentium III (Coppermine) GenuineIntel GNU/Linux |
52 |
> with the following fs |
53 |
> /dev/hda3 on / type ext3 (rw,noatime) |
54 |
> |
55 |
> Any clues ? |
56 |
|
57 |
nope I sure don't.. |
58 |
Anybody else with a cluestick have an idea? |
59 |
|
60 |
> |
61 |
> Michael |
62 |
> |
63 |
> |
64 |
> > -peace |
65 |
> > |
66 |
> > > |
67 |
> > > Michael |
68 |
> > > |
69 |
> > > |
70 |
> > > > -peace |
71 |
> > > > |
72 |
-- |
73 |
Ned Ludd <solar@g.o> |
74 |
Gentoo Linux Developer |