Re: The disappearing sys_call_table export.

From: Alan Cox (alan@lxorguk.ukuu.org.uk)
Date: Sun May 11 2003 - 16:46:32 EST


On Sul, 2003-05-11 at 23:32, Yoav Weiss wrote:
> > Not on the systems I've seen. Max log file size is 4GB and the
> > logs are on their own partition. If the file fills up the system
> > crashes immediately and only administrators can log in after reboot
> > until the logs are archived.
>
> Why would anyone design a system like that ?!
> The logging of every security system is prone to flooding. You may have
> noticed that your syslog sometimes spits "Last message repeated N times"
> so it won't repeat itself. A system that doesn't deal with this issue in
> any way can't be secure. There are a lot of methods to deal with it but I

Security to some people means that nothing happens unrecorded. Most high
security environments treat DoS attacks as the least interesting. You
knocked down my military server - who cares. You stole my list of secret
command centres - Im deeply upset.

Security requirements are heavily dependant on role and people sometimes
forget that. Being down is bad news for an ecommerce site but in many
other situations its infinite preferably to most other situations

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/



This archive was generated by hypermail 2b29 : Thu May 15 2003 - 22:00:37 EST