From owner-freebsd-security  Sat Aug 22 06:01:11 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id GAA27689
          for freebsd-security-outgoing; Sat, 22 Aug 1998 06:01:11 -0700 (PDT)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from po8.andrew.cmu.edu (PO8.ANDREW.CMU.EDU [128.2.10.108])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id GAA27683
          for <freebsd-security@freebsd.org>; Sat, 22 Aug 1998 06:01:09 -0700 (PDT)
          (envelope-from tcrimi+@andrew.cmu.edu)
Received: (from postman@localhost) by po8.andrew.cmu.edu (8.8.5/8.8.2) id JAA06982 for freebsd-security@freebsd.org; Sat, 22 Aug 1998 09:00:26 -0400 (EDT)
Received: via switchmail; Sat, 22 Aug 1998 09:00:25 -0400 (EDT)
Received: from unix14.andrew.cmu.edu via qmail
          ID </afs/andrew.cmu.edu/service/mailqs/q004/QF.wprg2Ay00YUq01qEE0>;
          Sat, 22 Aug 1998 08:58:53 -0400 (EDT)
Received: from unix14.andrew.cmu.edu via qmail
          ID </afs/andrew.cmu.edu/usr18/tcrimi/.Outgoing/QF.Iprg2Aa00YUq02dGU0>;
          Sat, 22 Aug 1998 08:58:52 -0400 (EDT)
Received: from mms.4.60.Jun.27.1996.03.02.53.sun4.51.EzMail.2.0.CUILIB.3.45.SNAP.NOT.LINKED.unix14.andrew.cmu.edu.sun4m.54
          via MS.5.6.unix14.andrew.cmu.edu.sun4_51;
          Sat, 22 Aug 1998 08:58:52 -0400 (EDT)
Message-ID: <cprg2AW00YUq02dGM0@andrew.cmu.edu>
Date: Sat, 22 Aug 1998 08:58:52 -0400 (EDT)
From: Thomas Valentino Crimi <tcrimi+@andrew.cmu.edu>
To: freebsd-security@FreeBSD.ORG
Subject: Re: Scaring the bezeesus out of your system admin as a normal user:
In-Reply-To: <Pine.BSF.3.96.980821183339.26762D-100000@Tyr.office.EFN.org>
References: <Pine.BSF.3.96.980821183339.26762D-100000@Tyr.office.EFN.org>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org



  Of course, one could also build an authentication system into syslogd
( using ssh with RSAauth as a portal comes to mind as a quick way to
accomplish this. )

  syslogd would have to be modified to use long-lived TCP sockets, or, a
second daemon could be written for the sole purpose of passing syslogd
messages around.  Say, a named pipe which syslogd logs to, then that
info is sent to the daemon on the next machine via secure means, which
then uses it's PF_LOCAL auth to pass the messages to the the second
machine's syslogd.

  All of this of course is as reliable as the root account on all the
machines, as always with syslogd, at least it woudl make forgery a
cryptographic challenge, though.

  Tom


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message