log file names (was Additional rule files)

Russell Coker russell at coker.com.au
Sun Sep 5 10:45:46 UTC 2004


On Sat, 4 Sep 2004 11:12, Erich Schubert <erich at debian.org> wrote:
> The next two rule sets are for the statistic tools "bindgraph" and
> "mailgraph". The first parses bind query logs and does nice graphs out
> of them, the second does the same for postfix+amavis logs.

Do we need to have two different domains for programs that do the same thing?

Both bindgraph and mailgraph can read the same file types as input and their 
output can be accessed by cgi-bin scripts.  It seems that there is little (if 
any) benefit in isolating them.

If we were to assign different types to different log files (may require code 
changes in syslogd) then we could deny the mailgraph program the ability to 
read log files other than mail.log and deny the bindgraph program the ability 
to read mail.log.

Also note that in your policy both those programs can read /var/log/auth.log 
(Debian) and /var/log/secure (Fedora).  This is not desirable; we probably 
should make changes to the syslog setup.

One possible change is greater use of sub-directories in /var/log.  We could 
have /var/log/security/ for auth.log, secure, and any other security critical 
log files and /var/log/mail/ for mail server log files (including POP server, 
and maybe webmail), etc.  Doing this would allow different types for the log 
files with no code changes to syslogd, and this would make it more beneficial 
to have separate domains for mailgraph and bindgraph.

I've CC'd this to fedora-selinux and debian-devel because if we make such 
changes then we want to get some cross-distribution agreement on file names.

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page
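
The sub-directory proposal in the message above, sketched as an SELinux policy fragment. This is an added example, not part of the original post or of the rule sets it replies to; the type names security_log_t, mail_log_t, mailgraph_t and bindgraph_t and the module name logsplit are assumptions, and the syntax is that of the later reference policy rather than the 2004 policy tree.

```selinux
# ---- logsplit.fc (file contexts; labels applied by restorecon/setfiles) ----
# Labelling the directories is what removes the need to change syslogd:
# a file created without an explicit type_transition inherits the type of
# its parent directory, so anything syslogd creates under /var/log/mail/
# becomes mail_log_t.
/var/log/security(/.*)?    gen_context(system_u:object_r:security_log_t,s0)
/var/log/mail(/.*)?        gen_context(system_u:object_r:mail_log_t,s0)

# ---- logsplit.te (type enforcement) ----
policy_module(logsplit, 1.0.0)

require {
        type var_log_t;      # existing type of /var/log itself
        type syslogd_t;      # existing syslogd domain
        type mailgraph_t;    # assumed name of the mailgraph domain
        type bindgraph_t;    # assumed name of the bindgraph domain
}

# Hypothetical per-directory log types.
type security_log_t;
logging_log_file(security_log_t)
type mail_log_t;
logging_log_file(mail_log_t)

# syslogd creates and appends to files in both directories.
allow syslogd_t { security_log_t mail_log_t }:dir { search write add_name };
allow syslogd_t { security_log_t mail_log_t }:file { create open append getattr setattr };

# mailgraph may walk /var/log and read the mail logs, nothing else.
allow mailgraph_t var_log_t:dir search;
allow mailgraph_t mail_log_t:dir search;
allow mailgraph_t mail_log_t:file { getattr open read };

# bindgraph may walk /var/log only. It gets no rule on mail_log_t, so
# mail.log is denied to it.
allow bindgraph_t var_log_t:dir search;

# Neither graphing domain has any rule on security_log_t, so auth.log and
# secure are denied by default. Both domains must also lose any read access
# to var_log_t files that the original rule sets granted, or the old
# top-level log files stay readable.
```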


