When root meets immutable: OpenBSD chflags vs. log tampering


Rafael Sadowski

This configuration creates a logical hierarchy: general system messages land in /var/log/messages, while specific services get their own dedicated log files. Even more concerning: any attacker with root access can simply open the log files directly and delete specific lines, modify timestamps, or insert false entries. Once the system reaches normal security level, even root cannot tamper with these logs without rebooting into single-user mode – exactly the kind of forensic integrity ISO 27001 demands.
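A way to audit the protection described above, as an added example that is not code from the original article: it classifies each log file by whether a system-level flag is set and whether the current securelevel stops root from clearing it. The function names, the sample listing, and the assumed `ls -lo` column layout (flags in the fifth column) are constructed for illustration.

```shell
#!/bin/sh
# Added example; audit_log_flags and sample_listing are hypothetical names.
# stdin: `ls -lo` lines (assumed layout: flags in column 5, path last).
# $1:    the value of kern.securelevel.
audit_log_flags() {
    awk -v level="$1" '
    NF >= 10 {
        flags = $5; path = $NF
        # Only the system flags (sappnd, schg) are locked by securelevel.
        # uappnd/uchg are user flags that root can clear at any level.
        if (flags !~ /(^|,)(sappnd|schg)(,|$)/)
            verdict = "UNPROTECTED"
        else if (level + 0 < 1)
            verdict = "FLAG-REMOVABLE"   # root can still run chflags nosappnd
        else
            verdict = "PROTECTED"
        print verdict, flags, path
    }'
}

# Constructed sample listing, not output captured from a real host.
sample_listing() {
    cat <<'EOF'
-rw-r--r--  1 root  wheel  sappnd 48213 Jan 10 09:14 /var/log/messages
-rw-r-----  1 root  wheel  uappnd 9120 Jan 10 09:02 /var/log/authlog
-rw-r-----  1 root  wheel  - 3301 Jan 10 08:47 /var/log/daemon
EOF
}

# On an OpenBSD host the same check would be fed live data:
#   ls -lo /var/log/messages | audit_log_flags "$(sysctl -n kern.securelevel)"
```

A file marked `uappnd` looks append-only in a listing but is reported as UNPROTECTED, because that flag does not depend on the securelevel.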
