Date: Tue, 18 Jan 2000 13:25:17 +0800 (+0800) From: Michael Robinson <robinson@netrinsics.com> To: k.stevenson@louisville.edu, oogali@intranova.net Cc: freebsd-security@freebsd.org Subject: Re: Parent Logging Patch for sh(1) Message-ID: <200001180525.NAA03003@netrinsics.com> In-Reply-To: <20000117232022.A87011@osaka.louisville.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
Keith Stevenson <k.stevenson@louisville.edu> writes: >However >in the case of a root compromise all local logs are useless since they may >have been altered by the attacker. (After all, they can't _all_ be script >kidz.) That would be the case for logs that don't have the sappnd flag set. You *do* set the sappnd flag on your security-related logfiles, don't you? -Michael Robinson To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200001180525.NAA03003>