[syslog-ng] Re: syslog-ng digest, Vol 1 #39 - 14 msgs

Balazs Scheidler bazsi@balabit.hu
Sun, 13 Jun 1999 13:41:18 +0200


> > Yes, it's a good idea. My solution will be that I'll simply call a script
> > and the local sysadmin can do anything he wants. By default a script which
> > sends a pgp encrypted message will be supplied.
> 
> I don't think it is a good idea to call an external script. It can simply be
> replaced by anyone who gets root privileges in any way.

It is not possible IMHO to protect the random keys any other way. Once an
intruder got in, we cannot protect any new keys. (the pgp binary could also
be changed so that it generates bogus data)

The whole point of generating hashes of log messages is to alert the
sysadmin if something went wrong. If logfiles or hashes are deleted, it's an
alert too. It's outside the scope of syslog-ng to protect itself and its
accompanying scripts; this should be done with another tool (for instance
tripwire).

-- 
Bazsi
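
The detection idea discussed in this message, as an added example that is not part of the original post and is not syslog-ng code: a keyed hash chain over log messages, where a modified entry, a removed entry, or deleted logs and hashes each produce an alert. It assumes the key and the expected entry count are held by a checker off the logging host; the names chain_tags, verify, GENESIS, KEY and the log lines are constructed for illustration.

```python
import hashlib
import hmac

GENESIS = b"\x00" * 32  # assumed starting value for the chain


def _tag(key, prev, message):
    # Each tag covers the previous tag, so entries cannot be dropped or reordered.
    return hmac.new(key, prev + message.encode(), hashlib.sha256).digest()


def chain_tags(key, messages):
    """Logger side: one hex tag per message, each covering the previous tag."""
    tags, prev = [], GENESIS
    for message in messages:
        prev = _tag(key, prev, message)
        tags.append(prev.hex())
    return tags


def verify(key, messages, tags, expected_count):
    """Checker side: return a list of alerts; an empty list means intact."""
    alerts = []
    if len(messages) != len(tags):
        alerts.append(f"count mismatch: {len(messages)} messages, {len(tags)} hashes")
    if min(len(messages), len(tags)) < expected_count:
        alerts.append(f"entries missing: expected {expected_count}")
    prev = GENESIS
    for index, (message, tag) in enumerate(zip(messages, tags)):
        prev = _tag(key, prev, message)
        if not hmac.compare_digest(prev.hex(), tag):
            alerts.append(f"hash mismatch at entry {index}")
            break  # every later tag depends on this one
    return alerts


# Constructed sample data; a real key would be random and kept off the host.
KEY = b"constructed-demo-key"
LOG = [
    "Jun 13 13:40:01 host login: session opened for user operator",
    "Jun 13 13:40:09 host su: operator became root on tty1",
    "Jun 13 13:41:18 host daemon: configuration reloaded",
]
TAGS = chain_tags(KEY, LOG)

if __name__ == "__main__":
    print(verify(KEY, LOG, TAGS, 3))                             # intact
    print(verify(KEY, [LOG[0], LOG[2]], [TAGS[0], TAGS[2]], 3))  # middle entry removed
    print(verify(KEY, [], [], 3))                                # logs and hashes deleted
```

The chain only reports tampering to a checker whose key and count the intruder cannot reach; it does not protect the logging host's own binaries or scripts.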