Re: logfiles world readable

To: debian-user@Pixar.com
Subject: Re: logfiles world readable
From: "Andrew D. Fernandes" <adfernan@cnd.mcgill.ca>
Date: Wed, 15 Nov 1995 08:28:07 -0500 (EST)
Message-id: <[🔎] 199511151328.IAA15645@mines.cnd.mcgill.ca>
In-reply-to: <[🔎] m0tFbAl-0006SiC@lina.inka.de> from "eckes" at Nov 15, 95 07:18:14 am

> Package: syslog,acct
> 
> Hello,
> 
> /var/log/auth.log and the other logfiels are world-readable.
> I think this is a security problem.

I agree. Not only that, but on a related note, "locate" should not
place non-world-readable files in its database. If I remove
read/execute permission from a directory, I don't want someone to be
able to scan it by simply doing a "locate <username>".

Do you want to submit the bug report, or shall I, Bernd?

-Andrew. <adfernan@cnd.mcgill.ca>

Reply to:

Follow-Ups:
- Re: logfiles world readable
  - From: karl@tower.com.au (Karl Ferguson)
- Re: logfiles world readable
  - From: Ian Murdock <imurdock@debian.org>

References:
- logfiles world readable
  - From: eckes <ecki@lina.inka.de>

Prev by Date: Re: 1.0
Next by Date: Re: 1.0
Previous by thread: logfiles world readable
Next by thread: Re: logfiles world readable
Index(es):
- Date
- Thread