sysklogd priv seperation

Heiko Zuerker heiko at zuerker.org
Sun Jan 23 12:36:29 PST 2005


Archaic wrote:

>On Sun, Jan 23, 2005 at 01:30:48PM -0600, Heiko Zuerker wrote:
>  
>
>>I don't see a problem running logrotate as root, since it is only 
>>executed 'on demand' by cron.
>>    
>>
>
>All programs that do not *have* to be run as root should not be run as
>root.
>  
>
Agreed. But sometimes it is necessary and then you of course pick the 
no-so-critical one.

>>The 2 only ways to prevent tampering with the logs are
>>1) making sure the logs can not be change (hence chattr)
>>2) usage of a separate log host (but this is only managable by companies)
>>    
>>
>
>3) Protect your box from being rooted. Once rooted, all bets are off. If
>the files are immutable, how are you going to write logs to them?
>
>  
>
'append only' is the trick. The syslog daemon would only be able to add 
data, but not overwrite or delete anything.

>Also, what is hard about running a log server on another box?
>
>  
>
The problem is when you're going outside of a corporate environment, 
i.e. home users.
Home users won't run a log host at home, because it's to loud, to 
expensive, is an overkil etc.

-- 

Regards
  Heiko Zuerker
  http://www.devil-linux.org




More information about the hlfs-dev mailing list