On 07/12/11 14:08, Ruediger Meier wrote:
On Wednesday 07 December 2011, Cristian Rodríguez wrote:
On 07/12/11 13:13, Peter Nikolic wrote:
Well should not be so wide open to them then simple
That's not possible... any process can claim to be $yourfavoritesoftware. there is no authentication nor access control, by design.
? They were talking about reading log files.
No, stefan replied saying that logs files can be manipulated by attackers, particulary writting fake syslog messages. If you have an idea on how to make the messages authenticated, have access control, metadata, a single structure, all of that suitable for servers that log lots of stuff per second in a plain text file, without breaking already existent syslog implementations and tools ..bring it on. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org