Bug#2837: Default syslogd.conf logs auth information where everyone can see it
Christian Hudon wrote:
| In default the /etc/syslogd.conf file, auth information is directed to
| the /var/log/auth.log file and the /dev/xconsole named pipe. But whereas
| the auth.log file's permissions are set at 540, xconsole is world-readable.
How does auth.log get such strange permissions? My auth.logs are of mode
640, which is correct, root can write, adm can read, nobody else.
Referring to xconsole, which permission would you suggest? I have now
changed it to the same as auth.log. Beat me if this is wrong.
| And anyway, logging everything to xconsole is overkill, IMHO. It makes the
| xconsole notify mechanism useless since it now triggers for mundane stuff
| (eg. named statistics) as well as the important (system broadcasts, talk
| requests, etc.) Couldn't the /dev/xconsole entry be pared down so that only
| the more important stuff (panics, broadcasts, etc.) shows up on
| xconsole (and exclude auth from that!).
Not everything is logged to xconsole btw. I won't change a single entry in it
unless there's a strong mistake or Ian J. tells me to do. I don't use it and
he thinks it's useful.
Everyone: feel free to configure your syslog.conf for your own needs. That's
the benefit of Debian, the configuration file will not be overwritten when
updating a package.
/ Martin Schulze * Debian GNU/Linux Developer * firstname.lastname@example.org /
/ http://www.debian.org/ http://home.pages.de/~joey/
/ Never trust an operating system you don't have sources for! /