append only file system - selinux?
Remco Treffkorn
remco at rvt.com
Fri Mar 25 20:00:23 UTC 2005
On Friday 25 March 2005 08:50, Chris Stankaitis wrote:
> Esentially as I mentioned what we need to create is a centralized
> logging server where all our boxes will log to, which in itself is setup
> in a way so that even root can not modify the logs without it being
> painfully obvious that the server had been compromised. We would be
> turning off logrotate, the box would be a minimal install, with it's
> only function to run a logger which would write local messages, as well
> as take in the logs from all other servers.
So why not just prevent any logins on this box? No users, no root login
allowed.
Admin would have to be done using a rescue CD or something similar.
--
Remco Treffkorn (RT445)
HAM DC2XT
remco at rvt.com (831) 685-1201
More information about the devel
mailing list