Re: /var/log/messages not world-readable anymore?
On Wed, 9 Jul 1997, Joey Hess wrote:
> I've got sysklogd 1.3-17 and it's made /var/log/messages no longer be world
> readable. Is there some security problem with letting any user read it?
Well, here's an example of where it could be:
I use diald to dial up an ISP account. Diald calls chat to
execute a login-and-start-ppp script. Chat writes all of it's
<send>/<waitfor> pairs to /var/log/messages. So anyone who can read
/var/log/messages can also find my login and password for my ISP (in my
case, my university).
Will
harpo@udel.edu
lowe@ecl.ude.edu
http://www.ecl.udel.edu/~lowe/
*****************************************************************************
Good Idea: Feeding Stray Cats in the Park.
Bad Idea: Feeding Stray Cats in the park ... to a bear.
*****************************************************************************
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-request@lists.debian.org .
Trouble? e-mail to templin@bucknell.edu .
Reply to: