PATCH: sftp-server logging.
Andrew Bartlett
abartlet at pcug.org.au
Sun Apr 7 12:13:07 EST 2002
Dan Kaminsky wrote:
>
> > if you expect all ftpd features in sftp, then write your
> > own sftpd.
>
> i expect the basics of any file transfer daemon. show me one that doesn't
> log (ok besides samba, but you have no idea how horrific that protocol is.
> there's a reason luke leighton scares everyone with his hex divining
> skills.)
Even Samba has rudimentary audit logs as an optional VFS module.
> we're smart people, we know the difference between file transfer security
> and code execution security. some companies don't.
>
> they get hacked regularly.
I have to agree, sftp should make an attempt to log its work. I
understand the current patch uses syslog - which despite its problems is
*much* better than nothing.
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
More information about the openssh-unix-dev
mailing list