Date: Fri, 9 Jul 1999 12:45:32 -0400 (EDT) From: Robert Watson <robert@cyrus.watson.org> To: proff@suburbia.net Cc: Warner Losh <imp@village.org>, alla@sovlink.ru, avalon@coombs.anu.edu.au, security@FreeBSD.ORG Subject: Re: Syslog alternatives? Message-ID: <Pine.BSF.3.96.990709124340.24202L-100000@fledge.watson.org> In-Reply-To: <19990709163459.22243.qmail@suburbia.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 10 Jul 1999 proff@suburbia.net wrote: > > In message <3785AB58.2B3D8F05@sovlink.ru> Alla Bezroutchko writes: > > : > Prove to me that your log files have any integrity, in such a way that > > : > I cannot dispute it. > > : > > : How integrity is achieved with syslog's alternatives? > > > > That's a good question.... In order to do that, you'd have to have > > some kind of public-key private-key mechanism based on shared secrets > > to be sure. I'm not sure how you can really achieve a secure log file > > integrity when things like VI exist... > > > > Warner > > Just because you can't think of an answer doesn't mean there isn't one :) I still lean towards a combination of existing securelevel code, and a protected process flag indicating that the process may not be intefered with by unauthorized userland code (i.e., no debugging, signaling, etc). Alternatively a kernel thread, but the lack of preemption is unappealing. Also, a kernel-based "integrity stamper" that MAC's a log entry along with some noise, and a date-time stamp, would at least prevent individual records from being modified or reordered. It doesn't prevent removal, but as long as the kernel is ok, it's worth something. Robert N M Watson robert@fledge.watson.org http://www.watson.org/~robert/ PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 TIS Labs at Network Associates, Computing Laboratory at Cambridge University Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.990709124340.24202L-100000>