wtmp question

To: debian-security@lists.debian.org
Subject: wtmp question
From: MHR <mray@coral-tech.com>
Date: Mon, 15 Jan 2001 18:18:28 -0600
Message-id: <[🔎] 3A639354.D8819596@coral-tech.com>

I was just browsing through the Linux Security HOWTO for tips on further
securing my new firewall/router when I came across the following.

http://www.linuxdoc.org/HOWTO/Security-HOWTO-5.html
The /var/log/wtmp and /var/run/utmp files contain the login records for
all users on your system. Their integrity must be maintained because
they can be used to determine when and from where a user (or potential
intruder) has entered your system.  These files should also have 644
permissions, without affecting normal system operation. 


Unless something I installed modified it, my /var/log/wtmp was set to
664.  Is there a reason for this?

Thanks,
Matt Ray

Reply to:

Follow-Ups:
- Re: wtmp question
  - From: Jim Breton <jamesb-debian@alongtheway.com>

Prev by Date: Re: [OT?] inverted `limit' match support in iptables/netfilter
Next by Date: Re: wtmp question
Previous by thread: Re: [OT?] inverted `limit' match support in iptables/netfilter
Next by thread: Re: wtmp question
Index(es):
- Date
- Thread