newsyslog.conf question
Eric Crist
ecrist at secure-computing.net
Tue Sep 28 16:19:12 PDT 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Sep 28, 2004, at 6:04 PM, Garance A Drosehn wrote:
> At 7:38 AM -0700 9/28/04, Ronnie Clark wrote:
>> Hello all,
>>
>> Having read the man page for this file's
>> configuration, I notice there is not an option to
>> digitally sign the logs on rotation using PGP/GPG. Is
>> there a workaround? or are there plans to add this
>> functionality to future versions, like 5.3 -STABLE?
>
> That is not on my list of things to add to newsyslog, but
> I could certainly put something for this on the list...
> If I do it, it will show up in 5.3-stable, and possibly
> even in 4.x-stable (although that is less likely once we
> have 5.3-stable). What I might add is some generic way
> to specify a program to run after a log file has been
> rotated, where newsyslog will specify the name of the
> (already rotated) log file when it runs the program.
This is not something I had really thought of before today, but it
would be a very handy feature to have. The PGP/GPG signature or an MD5
hash, something that could be used to verify the integrity of the log
file once it's been rotated.
Just my $.02.
- -----
Eric F Crist
Secure Computing Networks
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (Darwin)
iEYEARECAAYFAkFZ8S0ACgkQRAAY9knOW+pDcQCcC/6RyI4NTU++us4teC3KEGgJ
VTMAn14BNTrKhLv83KlYlBdDJdp9uk8h
=PTBk
-----END PGP SIGNATURE-----
More information about the freebsd-questions
mailing list