sysklogd security patch

Joel Miller cheeziologist at mail.isc.rit.edu
Fri Jul 25 07:08:54 PDT 2003


On Fri, 25 Jul 2003 06:49:21 -0500, Dagmar d'Surreal 
<dagmar.wants at nospam.com> wrote:

> On Thu, 2003-07-24 at 12:30, Gerard Beekmans wrote:
>> On Sat, 2003-07-19 at 13:21, Dagmar d'Surreal wrote:
>>
>> If syslog is insecure and all that, would syslog-ng be a good
>> replacement from that point of view?
>
> Syslog-ng is a whole 'nother ball of wax, and an entirely different
> codebase to boot.  From a system stability (read: availability) and
> change management standpoint, if one is already using the normal
> sysklogd package, the patch is a much less intrusive change and requires
> much less work to upgrade to and test.
>
> Let's face it, if security is a priority at a site, then system activity
> logs are _very_ important and it would not be a good idea to go changing
> the one thing that can futz up log data and maybe break anomaly scanners
> without a really, really good reason and plenty of testing.
>

I agree with you but in the context of this book, we are talking about 
building a new system from scratch. If you build syslog-ng from the 
beginning of using your system then there is no problem. Perhaps Gerard was 
saying something else, but I read him as saying that perhaps syslog should 
be replaced with syslog-ng in the book.

-- 
Registered LFS User 6929
Registered Linux User 298182
cheeziologist at attbi dot com is about to be invalid...plz use this new 
address

-- 
Unsubscribe: send email to listar at linuxfromscratch.org
and put 'unsubscribe lfs-dev' in the subject header of the message



More information about the lfs-dev mailing list