-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 2015-06-18 23:22, Lew Wolfgang wrote:
Perhaps I should have included the original requirement. Here it is:
"The operating system must enforce dual authorization for movement and/or deletion of all audit information, when such movement or deletion is not part of an authorized automatic process."
Then you are talking of audit logs, not files.
Maybe rsyslog could be used to send logs to two external servers operating with different root credentials? Two "roots" would be required to delete all existent copies.
Yes. That can be done, I think. Two roots, on different buildings. At least, different rooms.
I think I'll just let the customer tell me how to do it...
Yep. :-) - -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" (Minas Tirith)) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iF4EAREIAAYFAlWDUA4ACgkQja8UbcUWM1wl9gD8DFjnRzcbXYkpUtvgeElMSGdX VML30BLkIYilNJThG6IA/2jwfhBV22FcY8pXuPJL3s3NMzWWEW0z1vwU75bQsEsD =JhYH -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org