Go Back   DaemonForums > FreeBSD > FreeBSD Security

FreeBSD Security Securing FreeBSD.

Thread Tools Display Modes
Prev Previous Post   Next Post Next
Old 16th May 2008
anomie's Avatar
anomie anomie is offline
Join Date: Apr 2008
Location: Texas
Posts: 445

Originally Posted by starbuck
Does flagging the logs as "sappend" prevent them from being rotated? How do you get around this?
Yes, it does. You could remove the flag, then rotate the logs, then re-add the flag. But then that would imply that you're running in a securelevel < 1 (which somewhat defeats the purpose of the file flag if root can just remove it ).

So the real answer is that your log file will be growing indefinitely (until you take the steps to temporarily get to a lower securelevel and manually rotate it).

If you haven't already, check out the manpages for security(7) and chflags(1). There is a good book I reviewed here that discusses this topic in great detail.
Kill your t.v.
Reply With Quote

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Basic sshd hardening anomie Guides 12 12th September 2008 03:39 AM
Can I use this link for hardening FreeBSD 7 mfaridi FreeBSD Security 1 9th July 2008 07:35 AM

All times are GMT. The time now is 05:52 PM.

Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick