| Deutsch English Français Italiano |
|
<vqpm42$2221u$1@dont-email.me> View for Bookmarking (what is this?) Look up another Usenet article |
Path: news.eternal-september.org!eternal-september.org!.POSTED!not-for-mail From: Pancho <Pancho.Jones@protonmail.com> Newsgroups: comp.os.linux.misc Subject: Re: More systemdCrap Date: Tue, 11 Mar 2025 15:50:25 +0000 Organization: A noiseless patient Spider Lines: 42 Message-ID: <vqpm42$2221u$1@dont-email.me> References: <vqn41l$1efis$1@dont-email.me> <vqna2v$1fks2$1@dont-email.me> <vqnbm7$1g56j$1@dont-email.me> <gjo3alxe38.ln2@Telcontar.valinor> <vqnja1$1hrbi$1@dont-email.me> <rq44alxv4u.ln2@Telcontar.valinor> <20250310152856.00004b5a@gmail.com> <vqoqfk$1s78c$3@dont-email.me> <op.228vudbda3w0dxdave@hodgins.homeip.net> <vqpinq$210sd$5@dont-email.me> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Injection-Date: Tue, 11 Mar 2025 16:50:27 +0100 (CET) Injection-Info: dont-email.me; posting-host="11bffce6b6aecc3d80deb806213bdf21"; logging-data="2164798"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX18QiB5EbMoXfd4fZfRG2IwmqIa3THXQa0E=" User-Agent: Mozilla Thunderbird Cancel-Lock: sha1:61Jyq6kR6JFv17DJAmhGPnx2MDo= Content-Language: en-GB In-Reply-To: <vqpinq$210sd$5@dont-email.me> On 3/11/25 14:52, The Natural Philosopher wrote: > On 11/03/2025 12:33, David W. Hodgins wrote: >> On Tue, 11 Mar 2025 03:58:44 -0400, The Natural Philosopher >> <tnp@invalid.invalid> wrote: >> >>> On 10/03/2025 22:28, John Ames wrote: >>>> On Mon, 10 Mar 2025 23:14:19 +0100 >>>> "Carlos E.R." <robin_listas@es.invalid> wrote: >>>> >>>>> Nothing is broken, it has been intentionally designed this way >>>> >>>> Okay, sure - but that design is stupid. >>>> >>> Exactly. >>> >>> Journalctl should be able to take the One True Logfile and scan it, >>> rewriting items to be retained and discarding items to be deleted . >> >> In other words make it as easy as possible for an inttruder to cover >> any trace of their >> activities. >> >> Great log that would be for determining what an intruder did. >> > Dont you think any intruder would not already have written a journalctl > to do exactly that? > Sheesh > Carlos has already suggested that there might be a method to cryptographically sign the logs, making alterations very difficult, even to a privileged user. The basic pattern for immutable audit logs is mature due to the requirements of financial systems. Whether systemd have implemented a reliable system or not, I don't know, but they could. >> Regards, Dave Hodgins >