LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

The Journal - a proposed syslog replacement

The Journal - a proposed syslog replacement

Posted Nov 24, 2011 22:16 UTC (Thu) by jacob22 (guest, #81577)
Parent article: The Journal - a proposed syslog replacement

Binary formats require tools to read them. Usually you have a single library for a specific format. This creates s Single Point of Failure. It becomes easy to target the tool rather than the data for the bad guy.

A very big strength of syslog is that it can be read by a large number of tools - from cat to Libreoffice. The multitude of tools have saved me on several occasions when I have been rootkited.

(Log in to post comments)

The Journal - a proposed syslog replacement

Posted Nov 25, 2011 13:51 UTC (Fri) by lindi (subscriber, #53135) [Link]

Doesn't that mean that the attacker can choose which tool to attack and always pick the weakest? For example if you use "cat" then you can be subject to issues described in the 2003 paper titled "TERMINAL EMULATOR SECURITY ISSUES".

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds