Please create an account to participate in the Slashdot moderation system


Forgot your password?
Software Linux

Secure Syslog Replacement Proposed 248

LinuxScribe writes with this bit from IT World: "In an effort to foil crackers' attempts to cover their tracks by altering text-based syslogs, and improve the syslog process as a whole, developers Lennart Poettering and Kay Sievers are proposing a new tool called The Journal. Using key/value pairs in a binary format, The Journal is already stirring up a lot of objections." Log entries are "cryptographically hashed along with the hash of the previous entry in the file" resulting in a verifiable chain of entries. This is being done as an extension to systemd (git branch). The design doesn't just make logging more secure, but introduces a number of overdue improvements to the logging process. It's even compatible with the standard syslog interface allowing it to either coexist with or replace the usual syslog daemon with minimal disruption.
This discussion has been archived. No new comments can be posted.

Secure Syslog Replacement Proposed

Comments Filter:
  • Unnecessary (Score:2, Interesting)

    by Anonymous Coward on Wednesday November 23, 2011 @04:55PM (#38152216)

    The binary format part of this is unnecessary, at least as far as I (with limited low level programming experience) can tell. Other people have been suggesting methods which would mean you just need a cryptographic hash in each otherwise plain text line, in a standard manner. Still at least it has got a discussion started.

  • Re:I don't know... (Score:5, Interesting)

    by pclminion ( 145572 ) on Wednesday November 23, 2011 @06:24PM (#38153278)

    If you are replacing a text file with a binary file then you need to provide equivalent functionality to all of these.

    No, I just need to provide a bin2txt program. The UNIX philosophy, I think you missed it. It's based on simple, self-contained, modular components, not some "everything is just text!" fantasy.

Thus spake the master programmer: "Time for you to leave." -- Geoffrey James, "The Tao of Programming"