> Security Comments
>
> * I think almost all writable data nodes here are sensitive, because a network
> attacker's first move is to block any logging on the host, and many of the data
> nodes here can be used for this purpose.
>
> [clw1] I will reword the security section to include all writeable nodes as sensitive.
>
> * Re: readable data nodes, I'm not
> sure which are sensitive, and the document should give an example or two rather
> than just say "some". Otherwise the security advice is not actionable. One
> example: "remote" sections leak information about other hosts in the network.
>
> [clw1] This text was lifted from another model. I will review the readable nodes and update.
>
> * Write operations... can have a negative effect on network operations. - I would
> add "and on network security", because logs are often used to detect security
> breaches.
>
> [clw1] I will add this phrase.
>
The fact that the syslog data nodes are write-sensitive can be made explicit in the model by making the whole configuration tree nacm:default-deny-write, and making read-sensitive subtrees nacm:default-deny-all.

Thanks,
Gary Wu

_______________________________________________
netmod mailing list
netmod@ietf.org
https://www.ietf.org/mailman/listinfo/netmod
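
The suggestion in the reply above, sketched as a YANG fragment. This is an added example, not part of the original message or of the syslog model under review; the module name, namespace and node names are hypothetical, and only the `ietf-netconf-acm` import and its two extensions are real.

```yang
module example-syslog-nacm {
  yang-version 1.1;
  namespace "urn:example:syslog-nacm";  // constructed namespace
  prefix exsl;

  import ietf-netconf-acm {
    prefix nacm;  // provides default-deny-write and default-deny-all
  }

  description
    "Hypothetical module illustrating NACM default-deny annotations.
     Node names are illustrative, not taken from the reviewed model.";

  container syslog {
    // Whole configuration tree: unless an explicit NACM rule permits it,
    // write access is denied, so logging cannot be silently disabled.
    nacm:default-deny-write;
    description
      "Logging configuration (hypothetical layout).";

    container console {
      description
        "Inherits default-deny-write from the parent container.";
      leaf severity {
        type string;
      }
    }

    container remote {
      // Read-sensitive subtree: it names other hosts in the network, so
      // read access is also denied unless a NACM rule permits it.
      nacm:default-deny-all;
      description
        "Remote log destinations.";
      list destination {
        key "name";
        leaf name {
          type string;
        }
        leaf address {
          type string;
        }
      }
    }
  }
}
```

Both extensions only change the outcome when no NACM rule matches the request, so an operator can still grant access to a specific group with an explicit rule.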