lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date:	Thu, 19 Feb 2009 18:52:14 -0800 (PST)
From:	Nick Levinson <nick_levinson@...oo.com>
To:	linux-kernel@...r.kernel.org
Subject: suggest allowing comments in current syslog and other logs

An unusual series of log events might be readily explainable by root or another user, the best time to do so might be shortly after the time of the events, and the best place to do so might be in the log.

Which other user/s should be allowed to comment directly in the log should be up to root. Nonroot users authorized to comment could be one or more, or all, human users and/or one or more, or all, nonhuman users.

A facility to add a comment to the current position or a prior position in the log should be available, with the comment necessarily date-time stamped and commenter-signed. Prior positions should be any in the current log that is related to an event under the commenter's control, so a nonroot user should not be able to comment in a root-generated event. Or a comment-only entry should be insertable between other events regardless of whose events they were.

The facility should allow root to scroll back in the log, so root can find the appropriate location to comment. A nonroot user should only be able to specify the date and time where the comment should be positioned within the log without being able to read the log; if such a date and time do not exist in the log, the facility should have a root-specified protocol for positioning the comment (e.g., at the beginning of entries for the date) without revealing the location or the use of the protocol to the user.

A root-editable library of template comments should be available, to allow standardizing. A user should be able to maintain their own editable set or template of comments without knowledge of root's template; root should be able to supply an initial template to a user.

A comment by root only should be cleanly removable, to leave no trace of its presence. A comment by any other user should be removable but with a trace of the prior comment necessarily remaining, unless root wants to authorize or perform clean removal.

One admission: I don't have the requisite programming skill, so I'd like to put the idea out for others to take.

What do you think?

Thank you.

-- 
Nick


      
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ