Re: Removing system users on purge [Re: Bits from the release team: the plans for etch]

To: debian-devel@lists.debian.org
Subject: Re: Removing system users on purge [Re: Bits from the release team: the plans for etch]
From: Frank Küster <frank@debian.org>
Date: Thu, 27 Oct 2005 10:29:08 +0200
Message-id: <[🔎] 87acgv8isr.fsf@alhambra.kuesterei.ch>
In-reply-to: <[🔎] 20051026191236.GC6026@ns.snowman.net> (Stephen Frost's message of "Wed, 26 Oct 2005 15:12:36 -0400")
References: <[🔎] 20051025105240.GA21436@javifsp.no-ip.org> <[🔎] E1EUOsY-0000Jv-F3@scyw00225.scy001.de> <[🔎] 20051025202118.GA10290@javifsp.no-ip.org> <[🔎] E1EUecU-0004QS-NV@scyw00225.scy001.de> <[🔎] 20051026091100.GA3940@javifsp.no-ip.org> <[🔎] 20051026115319.GE15626@boogie.lpds.sztaki.hu> <[🔎] 20051026135036.GB26323@javifsp.no-ip.org> <[🔎] 87irvkti6r.fsf@alhambra.kuesterei.ch> <[🔎] 20051026154548.GA30978@javifsp.no-ip.org> <[🔎] 20051026184857.GC3379@rzlab.ucr.edu> <[🔎] 20051026191236.GC6026@ns.snowman.net>

Stephen Frost <sfrost@snowman.net> wrote:

> * Don Armstrong (don@debian.org) wrote:
>> On Wed, 26 Oct 2005, Javier Fernández-Sanguino Peña wrote:
>> > On Wed, Oct 26, 2005 at 05:24:28PM +0200, Frank Küster wrote:
>> > > What about log files with sensitive content?
>> > 
>> > Non-issue, as I said in the end of my post, those should be removed
>> > on purge.
>> 
>> The log files that are created by the default package configuration
>> should be removed, but custom modifications to the configuration can
>> cause logfiles to be created elsewhere that are owned by the user in
>> question.
>
> Have we actually got a specific case of this happening and there being a
> real security threat from it?

When I ran a samba server years ago, I changed the default log file names
and, IIRC, location.

Regards, Frank
-- 
Frank Küster
Inst. f. Biochemie der Univ. Zürich
Debian Developer

Reply to:

Follow-Ups:
- Re: Removing system users on purge [Re: Bits from the release team: the plans for etch]
  - From: Stephen Frost <sfrost@snowman.net>

References:
- Re: Bits from the release team: the plans for etch
  - From: Javier Fernández-Sanguino Peña <jfs@computer.org>
- Re: Bits from the release team: the plans for etch
  - From: Marc Haber <mh+debian-devel@zugschlus.de>
- Re: Bits from the release team: the plans for etch
  - From: Javier Fernández-Sanguino Peña <jfs@computer.org>
- Re: Bits from the release team: the plans for etch
  - From: Marc Haber <mh+debian-devel@zugschlus.de>
- Re: Bits from the release team: the plans for etch
  - From: Javier Fernández-Sanguino Peña <jfs@computer.org>
- Re: Bits from the release team: the plans for etch
  - From: Gabor Gombas <gombasg@sztaki.hu>
- Re: Bits from the release team: the plans for etch
  - From: Javier Fernández-Sanguino Peña <jfs@computer.org>
- Re: Bits from the release team: the plans for etch
  - From: Frank Küster <frank@debian.org>
- Re: Bits from the release team: the plans for etch
  - From: Javier Fernández-Sanguino Peña <jfs@computer.org>
- Removing system users on purge [Re: Bits from the release team: the plans for etch]
  - From: Don Armstrong <don@debian.org>
- Re: Removing system users on purge [Re: Bits from the release team: the plans for etch]
  - From: Stephen Frost <sfrost@snowman.net>

Prev by Date: Re: A thought about killing two bird with one stone
Next by Date: Re: Bits from the release team: the plans for etch
Previous by thread: Re: Removing system users on purge [Re: Bits from the release team: the plans for etch]
Next by thread: Re: Removing system users on purge [Re: Bits from the release team: the plans for etch]
Index(es):
- Date
- Thread