[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: correct perms for logcheck config files?



On Sun, Aug 10, 2003 at 02:57:32PM -0400, Joey Hess wrote:

> This may have come up before, I don't remember, but the logcheck files
> on my server have different permission. The ones in logcheck-database
> are mode 600, most others are mode 644. A few wrongly executable. 
> dh_installlogcheck installs them mode 600. What's the right permissions?
> logcheck's README.Maintainer does not say.

I think it is not helpful to restrict read permission on these files.
Module local modifications, anyone can get a copy from the Debian archive,
so their contents are not secret.  The same justification applies as for not
restricting permissions on setuid executables, as documented in the policy
manual.

I think the files should be 644, directories 755 (currently the directories
are unreadable as well, which is quite inconvenient).

-- 
 - mdz



Reply to: