[1562] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

[linux-security] Re: Re: signing syslog files with PGP

daemon@ATHENA.MIT.EDU (Pablo Saratxaga)
Thu May 29 02:14:30 1997

To: linux-security@redhat.com
Date: Tue, 27 May 1997 20:05:33 +0200 (MET DST)
In-Reply-To: <199705261114.NAA07377@tiger.cert.dfn.de> from Wolfgang Ley at "May 26, 97 01:14:47 pm"
From: Pablo Saratxaga <srtxg@chanae.stben.be>
Resent-From: linux-security@redhat.com
Reply-To: linux-security@redhat.com

Kaixo !

 > Hannes R. Boehm wrote:
 > >
 > > I am thinking about writing some sort of deamon which signs syslog
 > > files with PGP.

I find it totally unpracticable.
I have already worked on systems where logfiles are biger than 20 MB in size,
and in some moemets of high load you can end whith several dozens of lines
loged per second.

How do you plan to manage that ?

There is too the problem of storing the passphrase, needed to encode...

And I wonder if that will give any security at all, as you can log through
syslog quite easily, no need to modify the files themselves !

A much better idea imho will be to rewrite a new kind of syslog, that
checks the UID/GID of the process sending the info to log, and allow
writting to log files only if permissions match for that UID/GID.

Eg have a file /var/log/news/news.log be -rw-rw---- news.news
 (sorry, I never remember the octal values) and that only processes of
UID=news or GID=news can wrote to it through syslog.
Whith the current syslog anybody can wrote to it as long as the process
request for that syslog service, regarless of permission of the file
and [UG]ID of the process. 

What do you think of that ? Would that idea will be too difficult to 
implement ? (more difficult than PGP signing ? I doubt it)

-- 

A bienttt,
Pablo Saratxaga

~
~
:wq ;-)                               PGP Key available, key ID: 0x8F0E4975


home help back first fref pref prev next nref lref last post