Simple Machines Community Forum

SMF Development => Feature Requests => Topic started by: nullquery on June 02, 2014, 02:18:12 PM

Title: Restricted access, even for superusers
Post by: nullquery on June 02, 2014, 02:18:12 PM
I think there should be an option in SMF that can only be activated manually through the "Settings.php" (or is always active) that prevents any online user from performing actions that could destroy evidence.

I.e., if this option is turned on then no matter who is logged in and what authority they may have the SMF logs may never be deleted. This would also prevent logs from being automatically deleted unless they're older than X days (also specified in "Settings.php").

The purpose of this would be to protect the administrators from themselves: if anyone were to gain access to their accounts either through an exploit in SMF, brute forcing or social engineering, then it would not be possible for the attacker to remove incriminating logs from the system.

In the future this functionality could be expanded to block other things from being modified and/or lock certain areas so long as the flag is enabled.
Title: Re: Restricted access, even for superusers
Post by: Arantor on June 02, 2014, 02:20:07 PM
Eh. If anyone were to gain such access, there are still ways it could be exploited to empty such logs. Even with the measures you proposed.

Also, real world analysis of break-ins suggests that very often such logs don't get touched anyway.