[syslog-ng]sync question, feature request
Gregor Binder
gbinder@sysfive.com
Mon, 22 Jan 2001 20:16:31 +0100
todd glassey on Mon, Jan 22, 2001 at 09:21:41AM -0800:
Todd,
> Jason - let me just answer your question here. "What is the problem with
> running NTP on the hosting system as a separate process from the Logger?" -
> The answer is that "Yes there is a problem and this is becuase as an
> evidentiary process, in systems that rely on separate services in the same
> hosting OS context, the quality of the results are always predicated against
> the Systems Admin."
assuming you integrate ntp functionality into syslog-ng - what stops me
from attaching a debugger to syslog-ng as root and modify data or code
to falsify timestamps? True, it's somewhat harder than just killing ntpd
and setting a wrong time manually, but it doesn't mean it cannot be
done.
Or did I get something wrong?
Regards,
Gregor.
--
Gregor Binder <gregor.binder@sysfive.com> http://sysfive.com/~gbinder/
sysfive.com GmbH UNIX. Networking. Security. Applications.
PGP id: 0x20C6DA55 fp: 18AB 2DD0 F8FA D710 1EDC A97A B128 01C0 20C6 DA55