Date: Tue, 28 Sep 2004 18:18:04 -0500 From: Eric Crist <ecrist@secure-computing.net> To: Garance A Drosehn <gad@freebsd.org> Cc: FreeBSD Questions <freebsd-questions@freebsd.org> Subject: Re: newsyslog.conf question Message-ID: <A6600D4A-11A4-11D9-8752-000D9333E43C@secure-computing.net> In-Reply-To: <p06110403bd7f9cc6c2e1@[128.113.24.47]> References: <20040928143827.57146.qmail@web52506.mail.yahoo.com> <p06110403bd7f9cc6c2e1@[128.113.24.47]>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sep 28, 2004, at 6:04 PM, Garance A Drosehn wrote: > At 7:38 AM -0700 9/28/04, Ronnie Clark wrote: >> Hello all, >> >> Having read the man page for this file's >> configuration, I notice there is not an option to >> digitally sign the logs on rotation using PGP/GPG. Is >> there a workaround? or are there plans to add this >> functionality to future versions, like 5.3 -STABLE? > > That is not on my list of things to add to newsyslog, but > I could certainly put something for this on the list... > If I do it, it will show up in 5.3-stable, and possibly > even in 4.x-stable (although that is less likely once we > have 5.3-stable). What I might add is some generic way > to specify a program to run after a log file has been > rotated, where newsyslog will specify the name of the > (already rotated) log file when it runs the program. This is not something I had really thought of before today, but it would be a very handy feature to have. The PGP/GPG signature or an MD5 hash, something that could be used to verify the integrity of the log file once it's been rotated. Just my $.02. - ----- Eric F Crist Secure Computing Networks -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (Darwin) iEYEARECAAYFAkFZ8S0ACgkQRAAY9knOW+pDcQCcC/6RyI4NTU++us4teC3KEGgJ VTMAn14BNTrKhLv83KlYlBdDJdp9uk8h =PTBk -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?A6600D4A-11A4-11D9-8752-000D9333E43C>