I apologize, I'm ill and not generally up to providing detailed responses. So just some sourced facts to counter [1] untruths. For education on what current syslogs do, http://blog.gerhards.net/2012/10/main-advantages-of-rsyslog-v7-vs-v5.html is a possible start and http://www.rsyslog.com/doc/manual.html contains much more. On Tue, Oct 9, 2012 at 11:24 PM, Lennart Poettering <mzerqung@xxxxxxxxxxx> wrote: > I am not generally against adding time-based rotation, but really, this > is much less of a "necessity" than other things the journal provides, > which syslog does not: for example per-service rate limits, False. http://www.rsyslog.com/doc/imuxsock.html, "There is input rate limiting available", currently enabled by default in Fedora. > and > unfakable meta-data for log messages. False: http://www.rsyslog.com/doc/imuxsock.html, "trusted syslog properties are available" (and in v7 they can be enabled in the Fedora configuration by default) On Wed, Oct 10, 2012 at 12:08 AM, Lennart Poettering <mzerqung@xxxxxxxxxxx> wrote: > I am not a security guy, but having > logs where unprivileged users cannot insert undetectable fakes (Re: the implied claim that systemd provides that): For the "unprivileged user" part, see above. For the cryptographic protection, false. http://cgit.freedesktop.org/systemd/systemd/tree/man/journalctl.xml#n358 defaults to 15 minutes, which is an eternity. Mirek [1] An adjective belongs here. I can think of about 10 candidates, but I feel too ill and grumpy to trust myself to choose well. -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
