tech-userlevel archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: SoC: Improve syslogd

Rainer Gerhards schrieb:
I think for syslogd it is sufficient to use one global list of trusted
Yes, but how to configure the "permitted sender" ACLs (those systems
that a permitted to send to send messages to the syslogd)?

I was not going to support a seperate host ACL.

I do not think there are enough use cases where one has a list of permittet hosts, but cannot use a directory of permitted certificates. One just copies the certificate or fingerprint instead of adding an IP/hostname to a permitted-list.

Besides there is still hosts_access(3). It is easy enough to configure an IP- or hostname-based ACL in /etc/hosts.allow.


Home | Main Index | Thread Index | Old Index