Re: /var/log/messages not world-readable anymore?

To: debuser@templinux.bucknell.edu (Debian user mail)
Cc: joey@kite.ml.org (Joey Hess), lowe@eecis.udel.edu (Will Lowe), debian-user@lists.debian.org
Subject: Re: /var/log/messages not world-readable anymore?
From: joey@finlandia.infodrom.north.de (Martin Schulze)
Date: Thu, 10 Jul 1997 11:22:25 +0200
Message-id: <[🔎] m0wmFQi-000VKSC@finlandia.Infodrom.North.DE>
In-reply-to: <[🔎] Pine.LNX.3.96.970709190258.2372A-100000@templinux.bucknell.edu>; from Debian user mail on Jul 9, 1997 19:04:17 -0400
References: <[🔎] Pine.LNX.3.96.970709190258.2372A-100000@templinux.bucknell.edu>

Debian user mail writes:

> > Any more examples of why this could be a security hole?
> 
> I'm not sure why it is or isn't a security hole, but I think it might be a
> change in the new(er) version of sysklogd.  I upgraded that package
> yesterday, and manually rotated my logs today, and voila! I could no
> longer tail -f my logs.  Bummer.

I don't like public readable logfiles that *can* contain confidential
information.  e.g. sendmail logs to that file who has sent a mail
to whom.  I believe this *is* confidential.

If you don't think so, edit /etc/cron.weekly/sysklogd and make a
manual chmod.

Regards

	Joey

-- 
  / Martin Schulze  *  joey@infodrom.north.de  *  26129 Oldenburg /
 /                                     http://home.pages.de/~joey/
/        Eine Kette ist nur so stark wie ihr schwächstes Glied  /


--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Reply to:

References:
- Re: /var/log/messages not world-readable anymore?
  - From: Debian user mail <debuser@templinux.bucknell.edu>

Prev by Date: Re: compiling with libc5
Next by Date: Re: a question abou mail?
Previous by thread: Re: /var/log/messages not world-readable anymore?
Next by thread: Re: /var/log/messages not world-readable anymore?
Index(es):
- Date
- Thread