Securing log rotation

David Murn davey at vision.doa.org
Fri Aug 10 21:02:13 EST 2001


On Fri, 10 Aug 2001, Daniel McNamara wrote:

> I've decided to get a little paranoid and start adding a few extra security
> measures to my server. What I want to do is use the chattr command to give
> all currently active log files the "a" settings to allow append only and all
> old logs to be given the "i" setting to help prevent overwriting.

This is rather pointless imho.  If someone has write access to the
directory or the files, they can use chattr themselves anyway.  If someone
breaks in and gets root, its easy enough for them to do it as it is for
them to delete the logfiles without the chattr command.

Davey





More information about the linux mailing list