On Wed, Oct 20, 1999 at 10:13:02PM +1000, Darren Reed wrote:
> In some email I received from Balazs Scheidler, sie wrote:
> [...]
> > > Log Authenticity, Reliability, Immutability, Privacy, and other meaty
> > > security issues:
> > >
> > > * Subjects must have appropriate privilege to log to non-generic
> > > facilities. This could be based on UID, group membership, or,
> > > ideally, Orange Book type "privileges."
> >
> > The problem with this under UNIX-like systems, is that it's impossible to
> > identify the source process sending messages to a given unix socket. (which
> > is the means of sending messages on a UNIX host)
>
> Not on all platforms...
Yet you can't base the protocol on it, because it's not a common feature...
--
Bazsi
PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1
url: http://www.balabit.hu/pgpkey.txt
