[SAGE] -m

["Adam S. Moskowitz" <adamm@menlo.com>]

On Fri, 1 Oct 2004 09:44:26, Doug Hanks <dhanks@gmail.com> wrote:
> I see your attitude is just as worse as Bill's if not worse. I'll
> assume this isn't the general attitude of SAGE?

I respectfully suggest you drop this part of your responses.

> Can you please explain another mechanism that is more secure than syslog,
> and most importantly, impervious to tampering?

No, I won't. The point is simply that syslog is not secure, is not
reliable, and is not resistant to tampering. Implying that it is, or
that a system that relies on syslog would meet SOx requirements is, as
both Bill and I have said, disingenuous.

I do not believe such a mechanism exists, at least, not as a coherent
"system." (I could be wrong, as I'm not an expert -- although I am
skilled enough to know that my assertions about syslog's lack of
reliability and security are correct.) There are things that can be done
to make syslog more secure, but those need to be done on a per-system
basis, well outside the purview of sudosh.

> I would more than likely consider such an idea in my new release.

I strongly encourage you todo so. Ans again, I'm not saying you should
in any way retract or downgrade sudosh as it now stands, but simply, to
stop climing that its use of syslog makes it secure or reliable.

AdamM