/etc/security/audit_warn -- where to log to by default?
Martin Englund
Martin.Englund at Sun.COM
Wed Jan 26 10:37:10 GMT 2005
ilmar at watson.org wrote:
> On Tue, 25 Jan 2005, Adam C. Migus wrote:
>
>> The problem I see with this approach is that by allowing syslogd (a
>> userland process) to process messages from different levels and to
>> change it's own level, you are violating the standards and principles of
>> the architecture you're trying to implement. As an alternative is it
> I don't think so. kernel has no label, but it manages labeled data, having
> access to anything. syslogd can't have no label, because it is userland
> process. And it must manage/process labeled data with different labels. So
> lets make it trusted process, which helps us to enforce our security
> policy. Why not?
>
I'm not a TrustedBSD expert, nor do I play one on TV, but if you have
implemented WURD, you should be able to log to a syslogd running at
admin_high (or whatever you call the label that dominates all other), and
it writes one logfile which is admin_high.
The other alternative is, as you point out, to make syslogd a trusted
process and label aware.
cheers,
/Martin
--
Martin Englund, Senior Network Security Engineer, Sun IT Security Office
Email: martin.englund at sun.com Time Zone: MEST/UTC+1 PGP: 1024D/4CDCB50F
"The question is not if you are paranoid, it is if you are paranoid enough."
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-discuss" in the body of the message
More information about the trustedbsd-discuss
mailing list