[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: /var/adm/auth.log permissions

'Nikhil Nair wrote:'
>I notice that on more than one debian system, /var/adm/auth.log* are 
>world readable.  Now, if someone logs in incorrectly, typing their 
>password instead of their userid, that is a serious security risk.
>Some time ago, I did change it using `chmod o=', but I notice now that 
>it's back as it was: it's obviously been created again during logfile 
>rotation.  How can I fix this?  Which package is it part of?

Thanks for the clue.  I found the culprit: /etc/cron.weekly/syslogd

It is (at least partially) fixed in syslogd version 1.2-19 (on my ELF
system).  It is/was broken in 1.2-15.  I'd prefer to have cron.log,
daemon.log, debug, and messages world unreadable too.  But at least
auth.log is getting 640 treatment now.

Christopher J. Fearnley            |    UNIX SIG Leader at PACS
cjf@netaxs.com                     |    (Philadelphia Area Computer Society)
http://www.netaxs.com/~cjf         |    Design Science Revolutionary
ftp://ftp.netaxs.com/people/cjf    |    Explorer in Universe
"Dare to be Naive" -- Bucky Fuller |    Linux Advocate

Reply to: