Re: log permissions

[Chester Hosey <chosey@webstation.net>]

The hide-password option in /etc/ppp/options should take care of that.

Although I thought hide-password was default, make sure there is no
show-password option specified.

su to root, then try:
	cd /etc/ppp
	egrep -r "\-password" .

to find any relevant settings.

HTH.

-chet

-----
yet he has sorcery

On Fri, 3 Nov 2000, Pedro Zorzenon Neto wrote:

> On Fri, Nov 03, 2000 at 04:50:27PM +1100, Ian wrote:
> > Hi,
> > 
> > I have a slink->potato->woody server, and I am a little concerned about the permissions some of the log files in /var/log have.
> > 
> > There are too many to list, but here are some:
> > -rw-r--r--    1 root     root      8232348 Nov  3 06:43 tripwire
> > -rw-r--r--    1 root     root        10152 Nov  3 14:49 wdm.log
> > -rw-r--r--    1 root     root            0 Nov  3 06:26 mysql.err
> > -rw-r--r--    1 root     adm             0 Oct 29 06:47 cfingerd.log
> > -rw-r--r--    1 root     root         8483 Oct 22 12:42 dmesg
> > -rw-rw-r--    1 root     utmp       320908 Nov  3 16:43 lastlog
> > -rw-r--r--    1 root     root       947139 Nov  3 16:36 nmb
> > 
> > why are these files read by all? I have "normal" users on my system, and although I trust them, these kinds of permissions make me feel a little paranoid. ie: they could be used by someone to investigate system use, etc..
> 
> Hi,
> 
>   I have a slink->potato and eventualy I discovered that /var/log/ppp.log was also -rw-r--r--
>   Inside this file, you can se my ISP password in text only! Any user could see it...
> 
> 
> --  
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> 
>