/etc/security/audit_warn -- where to log to by default?

[fergus]

On 25.01-09:34, Ilmar S. Habibulin wrote:
[ ... ]
>                     What can we do with syslogd? Give it permission to
> change its' own label. Set the label of /var/run/log to "*/equal". So
> everybody can write to the log. Now syslog reads data and decides which
> log it must be stored to. Then it changes own label to be equal to the
> appropriate log and writes to it.

this would be very insecure.  the privilage your talking about
(arbitary label switching) would basically give the box away.

-- 
: fergus cameron                :   [ .]        cobbled    :
: ^^^^^^@cobbled.net            : [ ~][ ]             .net :

To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-discuss" in the body of the message