Re: /var/adm/auth.log permissions
'Nikhil Nair wrote:'
>I notice that on more than one debian system, /var/adm/auth.log* are
>world readable. Now, if someone logs in incorrectly, typing their
>password instead of their userid, that is a serious security risk.
>Some time ago, I did change it using `chmod o=', but I notice now that
>it's back as it was: it's obviously been created again during logfile
>rotation. How can I fix this? Which package is it part of?
Thanks for the clue. I found the culprit: /etc/cron.weekly/syslogd
It is (at least partially) fixed in syslogd version 1.2-19 (on my ELF
system). It is/was broken in 1.2-15. I'd prefer to have cron.log,
daemon.log, debug, and messages world unreadable too. But at least
auth.log is getting 640 treatment now.
Christopher J. Fearnley | UNIX SIG Leader at PACS
email@example.com | (Philadelphia Area Computer Society)
http://www.netaxs.com/~cjf | Design Science Revolutionary
ftp://ftp.netaxs.com/people/cjf | Explorer in Universe
"Dare to be Naive" -- Bucky Fuller | Linux Advocate