From: Paul Lussier

> Not knowing the letter of the standard, or the standard for that
> matter, I can not speak definitively on the matter.

It's OK - nobody really does except the people who want $300/hr to give you evasive answers on the matters.

> This may or may not suffice for the current needs depending upon the
> definition of 'tamper-proof'. I.e., if tamper-proof means 'once
> written to disk they can never be changed' then it will work. If
> tamper-proof means 'there can be no possible way the data could be
> intercepted between memory and writing to disk', then obviously it
> won't work. Since, if you're writing to a remote file system over the
> network, there is ample opportunity to intercept the log data.

See, you're thinking logically here, doing reasonable risk assessment. Remember these are the guys who wanted me to dump md5 password hashes because it wasn't encryption, and they read encryption==security!

Any of these methods are one PHP bug and one vmsplice() bug away from being tampered anyway, so hanging things by multiple chains is clearly advised.

From: "Ben Scott"

> A standards specification document can't provide security. It can
> provide a list of good ideas -- like protecting your logs against
> tampering -- to help you implement good security practices, but
> running through a checklist isn't a substitute for doing it with the
> right attitude.

People whose lives are made difficult by bad security understand these things. People who are trying to duck and run for cover like to create distractions and threaten rate surcharges.

> BTW, Bill -- you have comment spam in that blog entry. How
> ironic. :-)

Eh, I left it because it was at least on-topic even if it was a bit self-promoting. I figured the guy must've typed it by hand since he misspelled his own URL. No help on this PageRank there.
:)

-Bill

-----
Bill McGonigle, Owner           Work: 603.448.4440
BFC Computing, LLC              Home: 603.448.1668
[EMAIL PROTECTED]               Cell: 603.252.2606
http://www.bfccomputing.com/    Page: 603.442.1833
Blog: http://blog.bfccomputing.com/
VCard: http://bfccomputing.com/vcard/bill.vcf