not using syslogd in the first place
Jeff Makey
Makey at Logicon.COM
Thu Aug 2 10:27:58 AEST 1990
In article <4559:Aug121:33:5590 at kramden.acf.nyu.edu> brnstnd at kramden.acf.nyu.edu (Dan Bernstein) writes:
>I can flood /dev/log with messages, clogging syslog. That's secure?
>
>If I were a cracker who had just achieved root, I would have to replace
>or restart *one* program to avoid *all* future detection. That's right,
>all security logging goes through *one* hook. There is *no* reliability.
>There is *no* backup. That's secure?
Except when "security through obscurity" actually succeeds, the idea
that a UNIX system can in any way be protected from someone with root
access is completely absurd. Naturally, any standard method of
exception logging (e.g., stderr, syslog) will be insufficiently
obscure to provide the desired security.
From a security point of view, there are no redeeming features
whatsoever in logging to a file (via stderr in Dan's implementation)
in the face of root access. On the other hand, if logging is done to
a remote machine then there is a possibility of at least *detecting* a
break-in (assuming, of course, that the loghost is not compromised).
:: Jeff Makey
Department of Tautological Pleonasms and Superfluous Redundancies Department
Disclaimer: All opinions are strictly those of the author.
Internet: Makey at Logicon.COM UUCP: {nosc,ucsd}!logicon.com!Makey
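The detection opportunity the post describes (a loghost still holding the client's log stream after the client's syslogd has been killed or replaced) can be exercised from the loghost side. Added example, not from the original post or from any syslogd implementation: it assumes the loghost stores forwarded lines as "timestamp host message" and that each client emits a periodic heartbeat line; a client that goes quiet while the rest keep reporting is flagged for investigation.

```python
"""Loghost-side 'silent client' check (added example, not from the post).

Assumes clients forward their syslog stream to this host and emit periodic
heartbeat lines (here a constructed "-- MARK --" message). The stored line
format "timestamp host message" is also an assumption for this example.
"""
from datetime import datetime

# Constructed sample as it might appear on the loghost.
# Host "wizard" stops reporting after 00:20; "kramden" keeps going.
SAMPLE_LOG = """\
1990-08-02T00:00:00 kramden syslogd: restart
1990-08-02T00:00:00 wizard syslogd: restart
1990-08-02T00:20:00 kramden -- MARK --
1990-08-02T00:20:00 wizard -- MARK --
1990-08-02T00:40:00 kramden -- MARK --
1990-08-02T01:00:00 kramden -- MARK --
1990-08-02T01:20:00 kramden -- MARK --
"""

def parse_lines(text):
    """Yield (timestamp, host) for each well-formed line; skip the rest."""
    for line in text.splitlines():
        parts = line.split(" ", 2)
        if len(parts) < 3:
            continue
        try:
            yield datetime.fromisoformat(parts[0]), parts[1]
        except ValueError:
            continue  # malformed timestamp: ignore rather than crash the check

def silent_hosts(text, max_gap_seconds, now=None):
    """Return {host: seconds_since_last_line} for hosts quiet too long.

    `now` defaults to the newest timestamp in the log, so the check is
    relative to the loghost's own record rather than wall-clock time.
    """
    last_seen = {}
    for ts, host in parse_lines(text):
        if host not in last_seen or ts > last_seen[host]:
            last_seen[host] = ts
    if not last_seen:
        return {}
    if now is None:
        now = max(last_seen.values())
    return {h: int((now - t).total_seconds())
            for h, t in last_seen.items()
            if (now - t).total_seconds() > max_gap_seconds}

if __name__ == "__main__":
    for host, gap in silent_hosts(SAMPLE_LOG, 1800).items():
        print(f"{host}: no log lines for {gap}s, check its syslogd")
```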