Hi, I notice that on more than one debian system, /var/adm/auth.log* are world readable. Now, if someone logs in incorrectly, typing their password instead of their userid, that is a serious security risk. Some time ago, I did change it using `chmod o=', but I notice now that it's back as it was: it's obviously been created again during logfile rotation. How can I fix this? Which package is it part of? Thanks, Nikhil.