On 15 Mar 2002, at 11:22, Sweth Chandramouli wrote: > Also, what are people's takes on using these mechanisms > on log files? I tend to set append-only on them, although that requires > some mild kludgery to twiddle the attr before/after log rotation; I don't > know that it provides much extra security, however, given that the files > are already owned by root, and thus anyone who could tamper with them > could also twiddle turn off the append-only attr. this is, of course, the security-achilles-heel of Unix -- that it has "one bit" security: either your root is safe [and then minimal security provisions are fine], or you're root-compromised [and then virtually NOTHING will save you]. Mostly I agree: make the files 600/root and be done with it. /Bernie\ -- Bernie Cosell Fantasy Farm Fibers mailto:bernieat_private Pearisburg, VA --> Too many people, too few sheep <-- --------------------------------------------------------------------- To unsubscribe, e-mail: loganalysis-unsubscribeat_private For additional commands, e-mail: loganalysis-helpat_private
This archive was generated by hypermail 2b30 : Fri Mar 15 2002 - 10:14:58 PST