> Security Comments
>
> * I think almost all writable data nodes here are sensitive, because
a network
> attacker's first move is to block any logging on the host, and many
of the data
> nodes here can be used for this purpose.
>
> [clw1] I will reword the security section to include all writeable nodes
as sensitive.
>
> * Re: readable data nodes, I'm not
> sure which are sensitive, and the document should give an example or
two rather
> than just say "some". Otherwise the security advice is not
actionable. One
> example: "remote" sections leak information about other hosts in the
network.
>
> [clw1] This text was lifted from another model. I will review the
readable nodes and update.
>
> * Write operations... can have a negative effect on network
operations. - I would
> add "and on network security", because logs are often used to detect
security
> breaches.
>
> [clw1] I will add this phrase.
>
The fact that the syslog data nodes are write-sensitive can be made explicit in
the model by making the whole configuration tree nacm:default-deny-write, and
making read-sensitive subtrees nacm:default-deny-all.
Thanks,
Gary Wu
_______________________________________________
netmod mailing list
netmod@ietf.org
https://www.ietf.org/mailman/listinfo/netmod
