[Fed-Talk] Security Issue: BSM problem runs deeper
[Fed-Talk] Security Issue: BSM problem runs deeper
- Subject: [Fed-Talk] Security Issue: BSM problem runs deeper
- From: Todd Heberlein <email@hidden>
- Date: Thu, 11 Oct 2007 16:09:02 -0700
To Common Criteria users,
Following up on the problems with ssh, I have confirmed additional
network services on 10.4.10 are not audited as well. On a hunch I
turned on FTP and finger (I don't recommend this), and did some
fingering and ftp from a remote system -- no audit records were
generated even though I had specified "all" in audit_control.
So the problem runs deeper than ssh. I haven't verified how deep this
goes, but I thought I would throw out a warning.
One possibility, ssh, finger, and ftp are all launched via the
relatively new launchd service. I am wondering if this is a
contributing factor.
I will keep testing...
Todd
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden