Date: Mon, 28 Jul 1997 10:04:50 -0400 (EDT) From: Garrett Wollman <wollman@khavrinen.lcs.mit.edu> To: David Holland <dholland@eecs.harvard.edu> Cc: security@FreeBSD.ORG Subject: secure logging (was: Re: security hole in FreeBSD) Message-ID: <199707281404.KAA28556@khavrinen.lcs.mit.edu> In-Reply-To: <199707281312.JAA17812@burgundy.eecs.harvard.edu> References: <Pine.BSF.3.95q.970728082931.3000B-100000@cyrus.watson.org> <199707281312.JAA17812@burgundy.eecs.harvard.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
<<On Mon, 28 Jul 1997 09:12:37 -0400 (EDT), David Holland <dholland@eecs.harvard.edu> said: > I don't know of any; if you run across one or are thinking about > designing one, please post or mail... absent any other readily > available secure mechanism probably the best bet is to carry log data > over ssh. Of course, this doesn't solve the denial of service issue as > anyone with a login can spam the local syslog. It would be pretty trivial to add Kerberos authentication to syslogd (using krb_mk_safe/krb_rd_safe).... Of course, that doesn't help most users, but perhaps it can serve as an incentive. -GAWollman -- Garrett A. Wollman | O Siem / We are all family / O Siem / We're all the same wollman@lcs.mit.edu | O Siem / The fires of freedom Opinions not those of| Dance in the burning flame MIT, LCS, CRS, or NSA| - Susan Aglukark and Chad Irschick
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199707281404.KAA28556>