world readable log files and /etc/ files
Hi,
I was just cleaning up after rebuilding a machine, and I decided to take
a look at the log file and /etc permissions.
I was quite alarmed. There seem to be many files with world readable
permissions, which _shouldnt_.
ie:
/var/log/xfer.log
/var/log/samba/*
/var/log/mailman/*
and in /etc:
/etc/proftpd.conf
/etc/netatalk/*
/etc/smb/smb.conf
/etc/apache-perl/cron.conf
What is the policy for log files? I understand that it doesnt do _that_
much harm allowing others to read, but it does disclose more than I want
to reveal.
And now every time I install a package, I'm paranoid about the
permissions, so I have to go check them.
Ian.
--
Ian Cumming, ian@semisphere.org
"The number of Unix installations has grown to 10, with more expected."
-- The Unix Programmer's Manual, 2nd Edition, June, 1972
--
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: