Restricted access, even for superusers

Started by nullquery, June 02, 2014, 02:18:12 PM

Previous topic - Next topic

nullquery

I think there should be an option in SMF that can only be activated manually through the "Settings.php" (or is always active) that prevents any online user from performing actions that could destroy evidence.

I.e., if this option is turned on then no matter who is logged in and what authority they may have the SMF logs may never be deleted. This would also prevent logs from being automatically deleted unless they're older than X days (also specified in "Settings.php").

The purpose of this would be to protect the administrators from themselves: if anyone were to gain access to their accounts either through an exploit in SMF, brute forcing or social engineering, then it would not be possible for the attacker to remove incriminating logs from the system.

In the future this functionality could be expanded to block other things from being modified and/or lock certain areas so long as the flag is enabled.

Arantor

Eh. If anyone were to gain such access, there are still ways it could be exploited to empty such logs. Even with the measures you proposed.

Also, real world analysis of break-ins suggests that very often such logs don't get touched anyway.
No good deed goes unpunished / All helpful urges should be circumvented

I have something to say: it's better to burn out than to fade away. There can be only one.

Advertisement: