Re: Re: Serious & personal meditation

My hot spot at the moment is geting into Log4Perl .... it combines the functionality of debugger print statements, emailing or messaging to pagers for a crisis, and logging usage, status and security info.

How do you use Log4perl for security info? Do you make a category for it? Add a priority level?

-Dan

Comment on Re: Re: Serious & personal meditation

Replies are listed 'Best First'.
Re: Re: Re: Serious & personal meditation by TomDLux (Vicar) on May 01, 2004 at 02:21 UTC
I'm not actually using it now, I'm considering a small private project to explore Log4Perl. As far as work situations are concerned, what I meant by security info isn't very different from Apache logging, it's just a matter of context. In particular, at the bank where I worked last winter (hi Vlad), they had a special account WXYZ which ran certain programs, and people would log on as WXYZ and run scripts. Well, that's not very different from logging on as root. So we came up with an suid script named wxyz which would let outside people run programs uzing the WXYZ account ... a first step in migrating away from SU anonymity. Previously, you knew that fifty people had logged on as WXYZ and one of them had run 'rm -rf *'. With the new system, you knew who had done what, because the system logged the requests. -- `TTTATCGGTCGTTATATAGATGTTTGCA`	[reply]

Replies are listed 'Best First'.

Re: Re: Re: Serious & personal meditation
by TomDLux (Vicar) on May 01, 2004 at 02:21 UTC

I'm not actually using it now, I'm considering a small private project to explore Log4Perl.

As far as work situations are concerned, what I meant by security info isn't very different from Apache logging, it's just a matter of context.

In particular, at the bank where I worked last winter (hi Vlad), they had a special account WXYZ which ran certain programs, and people would log on as WXYZ and run scripts. Well, that's not very different from logging on as root. So we came up with an suid script named wxyz which would let outside people run programs uzing the WXYZ account ... a first step in migrating away from SU anonymity.

Previously, you knew that fifty people had logged on as WXYZ and one of them had run 'rm -rf *'. With the new system, you knew who had done what, because the system logged the requests.

--
TTTATCGGTCGTTATATAGATGTTTGCA

[reply]