[prev in list] [next in list] [prev in thread] [next in thread]
List: syslog-ng
Subject: Re: [syslog-ng]sync question, feature request
From: Gregor Binder <gbinder () sysfive ! com>
Date: 2001-01-22 18:45:21
[Download RAW message or body]
todd glassey on Mon, Jan 22, 2001 at 09:21:41AM -0800:
Todd,
> Jason - let me just answer your question here. "What is the problem with
> running NTP on the hosting system as a separate process from the Logger?" -
> The answer is that "Yes there is a problem and this is becuase as an
> evidentiary process, in systems that rely on separate services in the same
> hosting OS context, the quality of the results are always predicated against
> the Systems Admin."
assuming you integrate ntp functionality into syslog-ng - what stops me
from attaching a debugger to syslog-ng as root and modify data or code
to falsify timestamps? True, it's somewhat harder than just killing ntpd
and setting a wrong time manually, but it doesn't mean it cannot be
done.
Or did I get something wrong?
Regards,
Gregor.
--
Gregor Binder <gregor.binder@sysfive.com> http://sysfive.com/~gbinder/
sysfive.com GmbH UNIX. Networking. Security. Applications.
PGP id: 0x20C6DA55 fp: 18AB 2DD0 F8FA D710 1EDC A97A B128 01C0 20C6 DA55
_______________________________________________
syslog-ng maillist - syslog-ng@lists.balabit.hu
https://lists.balabit.hu/mailman/listinfo/syslog-ng
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic