tech-userlevel archive


Re: SoC: Improve syslogd



On Mon, May 26, 2008 at 11:58 PM, Martin Schütte 
<lists%mschuette.name@localhost> wrote:
> Rainer Gerhards wrote:
>>
>> One thing, though. I would find it useful if the presence of a file is
>> not the only permission "indicator". How about the first line being
>> either "OK", "UNKNOWN" or something else. In case of "OK", the sender
>> is permitted. In case of "UNKNOWN", this is a yet-unknown fingerprint,
>> which needs to be authorized by an operator but is not yet permitted
>> to send to us. This would solve the approval issue that is lingering
>> behind fingerprint authentication. Anything else would mean "not
>> permitted".
>
> You want the syslogd to write new fingerprints into the directory?
> I do not think that is a good idea. First it should not be allowed to do so
> and have only read access to that directory (or any configuration).
> But more important: where is the benefit of having 10 fingerprints with
> content "UNKNOWN" there?

These could be displayed to a user as new connection requests. Then,
the user can authorize them or deny access.

> From that perspective a textfile with fingerprints would be more useful,
> because one can write the hostnames as comments into it.
>
>> And if we go a little bit further, there could actually be two values
>> in the first line (or one each in the first two lines). The permission
>> state and the usage, e.g. "CLIENT" and "SERVER". In that case,
>> something flagged as CLIENT could only be used to authenticate a
>> sender, while a "SERVER" flag means we can authenticate the receiver
>> when we send.
>
>> How does this sound?
>
> To be honest: complicated.
>
> If there is more content than the fingerprint=filename itself, then one file
> is usually better than 1-20 files.

OK - I think I'll stay tuned on what you implement and later see if I
can be compatible with it.

> And I am still undecided whether
> client/server certs are worth the effort. (Not only in implementing but also
> in administering as a user.)

What exactly do you mean - different certs for client and server use?
Or cert-based authentication for client and server function? The latter
is currently mandated by syslog-transport-tls...

Rainer
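
The per-fingerprint file format proposed in the quoted text above, worked through as an added example; it is not code from this thread or from any syslogd. All names (`fp_check`, `fp_check_text`, the enums) are hypothetical, and it assumes case-sensitive tokens separated by whitespace, with a missing usage value meaning the fingerprint is valid for either role. The check only reads the file, so the daemon needs no write access to the directory.

```c
#include <stdio.h>
#include <string.h>

enum fp_state { FP_DENIED, FP_PENDING, FP_PERMITTED };
enum fp_usage { FP_ANY, FP_CLIENT, FP_SERVER };

/* f is the file named after the peer's fingerprint, opened read-only;
 * NULL means no such file exists. peer_role is FP_CLIENT when the peer
 * sends to us and FP_SERVER when we send to it. */
enum fp_state fp_check(FILE *f, enum fp_usage peer_role)
{
    char line[64], state[16] = "", usage[16] = "";
    enum fp_usage role = FP_ANY;   /* assumption: no usage value = either role */

    if (f == NULL || fgets(line, sizeof line, f) == NULL)
        return FP_DENIED;              /* no file, or empty file */
    if (strchr(line, '\n') == NULL && !feof(f))
        return FP_DENIED;              /* over-long first line */
    sscanf(line, "%15s %15s", state, usage);
    /* the usage may instead stand alone on the second line */
    if (usage[0] == '\0' && fgets(line, sizeof line, f) != NULL)
        sscanf(line, "%15s", usage);
    if (strcmp(usage, "CLIENT") == 0) role = FP_CLIENT;
    else if (strcmp(usage, "SERVER") == 0) role = FP_SERVER;
    else if (usage[0] != '\0') return FP_DENIED;  /* unrecognised usage */

    if (strcmp(state, "UNKNOWN") == 0)
        return FP_PENDING;             /* awaiting operator approval */
    if (strcmp(state, "OK") != 0)
        return FP_DENIED;              /* anything else: not permitted */
    if (role != FP_ANY && role != peer_role)
        return FP_DENIED;              /* approved for the other role only */
    return FP_PERMITTED;
}

/* Run fp_check over constructed file content held in a temporary file. */
enum fp_state fp_check_text(const char *content, enum fp_usage peer_role)
{
    FILE *f = tmpfile();
    enum fp_state st;
    if (f == NULL) return FP_DENIED;
    fputs(content, f);
    rewind(f);
    st = fp_check(f, peer_role);
    fclose(f);
    return st;
}
```

`FP_PENDING` is still a refusal: the connection is rejected, and the distinct return value only lets a front end list the fingerprint as a request awaiting approval.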

