From owner-freebsd-security Fri Sep 8 03:29:08 1995
Return-Path: security-owner
Received: (from majordom@localhost) by freefall.freebsd.org (8.6.12/8.6.6) id DAA29335 for security-outgoing; Fri, 8 Sep 1995 03:29:08 -0700
Received: from strider.ibenet.it (root@[194.179.130.1]) by freefall.freebsd.org (8.6.12/8.6.6) with ESMTP id DAA29325 for ; Fri, 8 Sep 1995 03:28:50 -0700
Received: (from piero@localhost) by strider.ibenet.it (8.6.12/8.6.12) id MAA22658; Fri, 8 Sep 1995 12:26:38 +0200
From: Piero Serini
Message-Id: <199509081026.MAA22658@strider.ibenet.it>
Subject: Re: Do we *really* need logger(1)?
To: stesin@elvisti.kiev.ua (Andrew V. Stesin)
Date: Fri, 8 Sep 1995 12:26:37 +0200 (MET DST)
Cc: wollman@lcs.mit.edu, security@freebsd.org
In-Reply-To: <199509071707.UAA29202@office.elvisti.kiev.ua> from "Andrew V. Stesin" at Sep 7, 95 08:07:26 pm
Reply-To: piero@strider.ibenet.it
Operating-System: FreeBSD 1.1.5.1
X-Phone-Number: +39 (2) 58113562
X-Mailer: ELM [version 2.4 PL23]
Content-Type: text
Content-Length: 1338
Sender: security-owner@freebsd.org
Precedence: bulk

Hello.

Quoting from Andrew V. Stesin (Thu Sep 7 19:07:26 1995):
> (b) Optional encryption capability for the messages,
>     using the system-wide libcrypt facility;
>     even very simple one will be good, with parameters stored in
>     /etc/syslog.conf. Better than nothing, really.

Use the root passwd on the originating machine to encrypt the logs
sent via network.

    +----+                   +----+
    | A  | ---- logs to ---> | B  |
    +----+                   +----+

syslogd on A uses its root passwd to encrypt the data, B just stores it.

2 possible scenarios:

1) B is the central repository for all the logs in the network.
   It's common practice that the staff on B knows the root passwd
   for all the network machines;

2) B is another machine which stores the logs, but the staff hasn't
   the root passwd. In this situation, B receives logs already
   encrypted regarding a machine they don't have root access to,
   so they probably have no need to read the data.

If A's system manager wants to read its own logs, (s)he has the root
passwd to do that.

Comments?

Bye,
--
# $Id: .signature,v 1.12 1995/08/14 12:10:54 piero Exp $
Piero Serini
Via Giambologna, 1
I 20136 Milano - ITALY