Re: /var/log on Debian systems

To: Debian Development <debian-devel@lists.debian.org>
Subject: Re: /var/log on Debian systems
From: Chasecreek Systemhouse <chasecreek.systemhouse@gmail.com>
Date: Tue, 14 Dec 2004 16:12:27 -0500
Message-id: <[🔎] 91f88ee2041214131258b96e0b@mail.gmail.com>
Reply-to: Chasecreek Systemhouse <chasecreek.systemhouse@gmail.com>
In-reply-to: <[🔎] 20041214185559.GB16519@finlandia.infodrom.north.de>
References: <[🔎] 20041214001854.GA20108@cirrus.madduck.net> <[🔎] 20041214185559.GB16519@finlandia.infodrom.north.de>

On Tue, 14 Dec 2004 19:55:59 +0100, Martin Schulze <joey@infodrom.org> wrote:

> What's so private in these log files that they should not world
> readable?

A local user can look at usage patterns and formulate a plan of
attack. A badly written CGI can leak server data across the public
Internet.

It gets worse - shall I continue?

-- 
WC -Sx- Jones
http://insecurity.org/

Reply to:

References:
- /var/log on Debian systems
  - From: martin f krafft <madduck@debian.org>
- Re: /var/log on Debian systems
  - From: Martin Schulze <joey@infodrom.org>

Prev by Date: ITP: wrapperfactory.app -- Application wrappers configuration tool for GNUstep
Next by Date: Re: Right Way to make a configuration package
Previous by thread: Re: /var/log on Debian systems
Next by thread: A few Debian packages use "cz" for lang code name for Czech
Index(es):
- Date
- Thread