Re: /var/log/messages not world-readable anymore?
Debian user mail writes:
> > Any more examples of why this could be a security hole?
>
> I'm not sure why it is or isn't a security hole, but I think it might be a
> change in the new(er) version of sysklogd. I upgraded that package
> yesterday, and manually rotated my logs today, and voila! I could no
> longer tail -f my logs. Bummer.
I don't like public readable logfiles that *can* contain confidential
information. e.g. sendmail logs to that file who has sent a mail
to whom. I believe this *is* confidential.
If you don't think so, edit /etc/cron.weekly/sysklogd and make a
manual chmod.
Regards
Joey
--
/ Martin Schulze * joey@infodrom.north.de * 26129 Oldenburg /
/ http://home.pages.de/~joey/
/ Eine Kette ist nur so stark wie ihr schwächstes Glied /
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-request@lists.debian.org .
Trouble? e-mail to templin@bucknell.edu .
Reply to: