periodic security run output gives false positives after 1 year
Mike Kelly
pioto at pioto.org
Fri Feb 17 20:22:30 UTC 2012
So, can't you just do this?
1) Make it an option.
2) If it isn't set, keep the output like it is now.
3) Set it by default in new installs, with a comment above it that it
might break things. That way people upgrading get a warning, too, and
can keep it the way it has been if they'd like.
On Fri, Feb 17, 2012 at 14:48, Roger Marquis <marquis at roble.com> wrote:
> On Fri, 17 Feb 2012, Sergey Kandaurov wrote:
>>>
>>> Problem with that would be backwards compatibility, and it's not IMO
>>> worth breaking everyone's syslog parsing scripts to fix an issue that
>>> really isn't due to the date format as much as it is to log rotation.
>>
>>
>> That is not a showstopper. Nothing prevents to merge both formats in one
>> daemon and introduce a new syslogd option to choose the desired format.
>
>
> That would be more of a Linux than BSD way of doing things i.e.,
> deprecating the existing format without giving full consideration to the
> effects on SA scripts and monitoring software, some of which is hardcoded
> and difficult to change without breaking more than it fixes. The current
> syslog syntax timestamp has been reliable now for what, 25+ years? I
> don't personally see any measurable ROI from changing it. YMMV of
> course.
>
> Roger Marquis
>
> _______________________________________________
> freebsd-security at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to "freebsd-security-unsubscribe at freebsd.org"
--
Mike Kelly
More information about the freebsd-security
mailing list