[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Linux-PAM and syslog (POSIX) (fwd)



On Fri, 27 Mar 1998, Theodore Y. Ts'o wrote:
>   Date: Fri, 27 Mar 1998 19:36:41 -0500 (EST)
>   From: "Steve \"Stevers!\" Coile" <scoile@patriot.net>
>
>   Why?  You might just as easily argue that messages should go to different
>   log files according to the time of day, or according to the actual text
>   of the message.  Perhaps the problem is not with the syslog API, but with
>   the syslog implementation.  Perhaps we need a more sophisticaed syslogd.
>
>Why?  Because you might want all security-related log messages to go to
>a single file, and thus use a separable facility.  That makes it much
>easier for auditing systems to scan for security "events".

What defines a "security-related log message"?  *Anything* could
potentially be significant in a security context.

-- 
    Steve Coile
 scoile@patriot.net



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []