[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [PROPOSAL] Permissions of /var/log.

Better yet, read-only access to group adm and no access to world? So
permissions 275.? Should the /var/log directory be itself be
viewable/listable by world?

On Tue, 28 Mar 2000, Marco d'Itri wrote:

> On Mar 28, Santiago Vila <sanvila@unex.es> wrote:
>  >The /var/log directory should have permissions 2775 (group-writable and
>  >set-group-id) and be owned by root.adm.
>  >
>  >Rationale: root.adm is a better default than root.root.
> This isn't a rationale, it's more like a joke.
> Please explain the purpose of the adm group and why its members should
> be able to destroy logs. A member of the adm group can't rotate logs
> anyway because he can't restart syslogd.
> -- 
> ciao,
> Marco

Reply to: