Re: shouldn't root.adm , -rw-r----- , be policy for all non-public log files?
On Mon, Aug 26, 2002 at 06:13:30PM +0200, Joost van Baal wrote:
> Hi,
>
> I maintain the Lire package, which processes log files from e.g.
> sendmail, bind, apache, boa and lots of other services. I don't want to
> run any Lire processes as root. However, of course, the processes need
Which is quite sensible on your behalf.
> read access to log files. Unfortunately, there seems to be no rule or
> policy on how access permissions for log files should be. Wouldn't it
> be nice if all non-public log files were owned by group `adm', and
> groupreadable? (World readability for public log files is fine too, of
> course.) Currently, this is the case for quite a lot of commonly found
> log files.
I recently added a FAQ item in the "Securing Debian Manual"
(http://www.debian.org/doc/manuals/securing-debian-howto/ch11.en.html#s11.1).
AFAIK there is no policy regarding log files, however, there *should* be one.
>
(...)
> , although similar issues were raised, no conclusion seems to have been
> reached on this specific subject (other than "adm is to read logs".)
>
If so then policy should tell package maintainers to create logs
as root.adm or package_user.adm. IMHO the problem should be fixed by clarifying the
policy and having it written down. How about submitting a policy proposal?
Regards
Javi