Re: log permissions
Thanks for your help. Now the ppp.log is ok.
But, I did't change anything in the default configuration of ppp.
I just used 'pppconfig' to create my connection to ISP.
Why was /var/log/ppp.log logging the password and also readable by everyone in the default configuration? I think that's a security hazard... (I noticed this only in 'slink')
On Fri, Nov 03, 2000 at 07:54:15AM -0500, Chester Hosey wrote:
> The hide-password option in /etc/ppp/options should take care of that.
>
> Although I thought hide-password was default, make sure there is no
> show-password option specified.
>
> su to root, then try:
> cd /etc/ppp
> egrep -r "\-password" .
>
> to find any relevant settings.
>
> HTH.
>
> -chet
>
> -----
> yet he has sorcery
>
> On Fri, 3 Nov 2000, Pedro Zorzenon Neto wrote:
>
> > On Fri, Nov 03, 2000 at 04:50:27PM +1100, Ian wrote:
> > > Hi,
> > >
> > > I have a slink->potato->woody server, and I am a little concerned about the permissions some of the log files in /var/log have.
> > >
> > > There are too many to list, but here are some:
> > > -rw-r--r-- 1 root root 8232348 Nov 3 06:43 tripwire
> > > -rw-r--r-- 1 root root 10152 Nov 3 14:49 wdm.log
> > > -rw-r--r-- 1 root root 0 Nov 3 06:26 mysql.err
> > > -rw-r--r-- 1 root adm 0 Oct 29 06:47 cfingerd.log
> > > -rw-r--r-- 1 root root 8483 Oct 22 12:42 dmesg
> > > -rw-rw-r-- 1 root utmp 320908 Nov 3 16:43 lastlog
> > > -rw-r--r-- 1 root root 947139 Nov 3 16:36 nmb
> > >
> > > why are these files read by all? I have "normal" users on my system, and although I trust them, these kinds of permissions make me feel a little paranoid. ie: they could be used by someone to investigate system use, etc..
> >
> > Hi,
> >
> > I have a slink->potato and eventualy I discovered that /var/log/ppp.log was also -rw-r--r--
> > Inside this file, you can se my ISP password in text only! Any user could see it...
> >
> >
Reply to: