/etc/security/audit_warn -- where to log to by default?

Martin Englund Martin.Englund at Sun.COM
Wed Jan 26 10:37:10 GMT 2005



ilmar at watson.org wrote:

> On Tue, 25 Jan 2005, Adam C. Migus wrote:
>
>> The problem I see with this approach is that by allowing syslogd (a
>> userland process) to process messages from different levels and to
>> change its own level, you are violating the standards and principles of
>> the architecture you're trying to implement.  As an alternative is it
> I don't think so. kernel has no label, but it manages labeled data, having
> access to anything. syslogd can't have no label, because it is userland
> process. And it must manage/process labeled data with different labels. So
> let's make it a trusted process, which helps us to enforce our security
> policy. Why not?
>
I'm not a TrustedBSD expert, nor do I play one on TV, but if you have
implemented WURD, you should be able to log to a syslogd running at
admin_high (or whatever you call the label that dominates all others), and
it writes one logfile which is admin_high.

The other alternative is, as you point out, to make syslogd a trusted 
process and label aware.

cheers,
/Martin
-- 
Martin Englund, Senior Network Security Engineer, Sun IT Security Office
Email: martin.englund at sun.com  Time Zone: MEST/UTC+1  PGP: 1024D/4CDCB50F
"The question is not if you are paranoid, it is if you are paranoid enough."
