Hi Janus!
I've played with LIDS some time ago. As far as I know, you
could simply allow the /usr/sbin/logrotate program to write
to the specified log directories and make the executable
itself write-protected (at least all the "sbin"-programs
should be so, right?) so that it can't be modified.
Hope that this helps.
Regards,
Martin Neuhaeusser
On Tue, Sep 03, 2002 at 10:43:05AM +0200, Janus N. T?ndering wrote:
> Dear Sirs,
>
> I've installed a LIDS kernel (www.lids.org) on my Debian Woody box. I
> think I have figured out most ACLs but I cannot make the daily/weekly
> cron jobs work properly (those that rotate logs etc).
>
> Does someone have any experience regarding this matter?
>
> Regards,
> Janus
> --
> Janus N?rgaard T?ndering
> email: janus@bananus.dk, j@nus.person.dk or janus@daimi.au.dk
>
> "Would you buy a car with the hood welded shut?"
> -Phil Hughes, Linux Journal Magazine
>
>
>
> --
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>
--
\ /
---==( o )==---
PGP encrypted messages preferred. Public-Key at:
http://sawfish.weh.rwth-aachen.de/~martin/index.html
Attachment:
pgpT5GkNVdP4E.pgp
Description: PGP signature