securelevel=3 and append-only: can I use this for files in /var/log/ ?

Rob nospam at users.sourceforge.net
Mon Apr 19 08:35:31 PDT 2004

Previous message: Dependency hell
Next message: mod_perl installation and non-standard perl path
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

To prevent a possible intruder to modify the syslog files
(unless rebooting the system), would following cause havoc
on my FreeBSD-stable PC, or would it add the expected security:


as root:
   # chflags sappnd /var/log/*

rc.conf:
   kern_securelevel_enable="YES"
   kern_securelevel="3"

And reboot the system.

Rob.

Previous message: Dependency hell
Next message: mod_perl installation and non-standard perl path
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the freebsd-questions mailing list