[prev in list] [next in list] [prev in thread] [next in thread] 

List:       opensuse
Subject:    Re: [opensuse] Re: Why are systemd's logs stored as binaries?
From:       Lew Wolfgang <wolfgang () sweet-haven ! com>
Date:       2016-12-23 23:51:35
Message-ID: f1be3e44-729c-d418-314f-eb3b4c826051 () sweet-haven ! com
[Download RAW message or body]

On 12/23/2016 02:30 PM, Greg Freemyer wrote:
> Personally, I expect journald logs to be better than syslog text logs,
> but little has been said to truly support that.

I think little CAN be said to support that!  journald logs are just
obfuscated text logs.  We all know that Security Through Obscurity
doesn't exist.  I'd think that the only way logs would be completely
trusted by a technologically aware court would be to somehow
cryptographically hash the entries with timestamps and run-time
authorization keys of some sort.

BTW, I've seen requirements for logs to be protected from alteration
by requiring two separate authenticators.  This would imply that root
wouldn't have access, but it would require two separate smartcard or
tokens for access.   Can this kind of a thing even exist in the UNIX/Linux
world?  Windows AD maybe?

Regards,
Lew


-- 
To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org
To contact the owner, e-mail: opensuse+owner@opensuse.org

[prev in list] [next in list] [prev in thread] [next in thread]