If this manages to take off, there will be other tools that can read the data, just as other tools can read/write git's repository format.
The Journal - a proposed syslog replacement
Posted Nov 19, 2011 17:05 UTC (Sat) by jmorris42 (subscriber, #2203)
Nope. But note that a git repo that isn't cloned anywhere would be vulnerable to an attacker simply rewriting the hashes and thus being able to alter a repo. On a modern CPU hashing is fairly fast so any project that isn't as huge as the kernel could be compromised. That isn't a problem because anything important is replicated. That is the key to security, the hashing just improves it.
For syslog, replication alone is enough to solve the problem. Adding crypto foolishness and a bunch of binary fluff just makes it more complicated and reduces security. Put a log server somewhere on your network with only the syslog port open. If you are really paranoid you could store sha256 sums of each log as you rotate and pack it away on yet another machine or better on paper. Or just log the important entries on a line printer in real time as others have already suggested. Use a line printer without reverse paper feed and it is physically impossible to change the permanent record.
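Added example, not part of the comment above or of any project's code: a sketch of the "store sha256 sums of each log as you rotate" idea, building a manifest meant to be kept on a different machine and later checking the log directory against it. The file names, log lines and function names are constructed for illustration.

```python
import hashlib
import os
import tempfile

def sha256_file(path, chunk=65536):
    """Stream a file through SHA-256 so large rotated logs are not loaded whole."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def build_manifest(log_dir):
    """Map each rotated log name to its digest; this is what gets shipped off-host."""
    return {name: sha256_file(os.path.join(log_dir, name))
            for name in sorted(os.listdir(log_dir))}

def verify(log_dir, manifest):
    """Compare the directory against a manifest that was kept elsewhere.
    Returns (modified, missing, unexpected) lists of file names."""
    current = build_manifest(log_dir)
    modified = [n for n in manifest if n in current and current[n] != manifest[n]]
    missing = [n for n in manifest if n not in current]
    unexpected = [n for n in current if n not in manifest]
    return modified, missing, unexpected

def demo():
    """Constructed sample: two rotated logs, one edited and one deleted afterwards."""
    with tempfile.TemporaryDirectory() as d:
        samples = {
            "auth.log.1": b"Nov 19 17:05:01 host sshd[411]: session opened for alice\n",
            "auth.log.2": b"Nov 18 09:12:44 host sshd[398]: session opened for bob\n",
        }
        for name, data in samples.items():
            with open(os.path.join(d, name), "wb") as f:
                f.write(data)
        manifest = build_manifest(d)  # in practice: copied to the other machine
        # Simulate a later change on the log host itself.
        with open(os.path.join(d, "auth.log.2"), "wb") as f:
            f.write(b"Nov 18 09:12:44 host sshd[398]: session opened for carol\n")
        os.remove(os.path.join(d, "auth.log.1"))
        return verify(d, manifest)

if __name__ == "__main__":
    print(demo())
```

The check only means something if the manifest is out of reach of whoever can write to the log directory; a manifest stored beside the logs can be regenerated along with them.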
Posted Nov 19, 2011 22:32 UTC (Sat) by robinst (subscriber, #61173)
> So it replaces text files that can be read and processed with the standard UNIX tools with an undocumented binary format that can only be read by a single tool?
> Think I'll pass.
Posted Nov 20, 2011 1:56 UTC (Sun) by dlang (✭ supporter ✭, #313)
Posted Nov 20, 2011 13:19 UTC (Sun) by robinst (subscriber, #61173)
Posted Nov 20, 2011 20:43 UTC (Sun) by dlang (✭ supporter ✭, #313)
Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.