Re: plog

To: "debian-user@lists.debian.org" <debian-user@lists.debian.org>
Subject: Re: plog
From: john@dhh.gt.org
Date: 14 Jan 1999 22:43:36 -0600
Message-id: <[🔎] 8767a92ljb.fsf@hasler.dhh>
In-reply-to: ktb's message of "Thu, 14 Jan 1999 22:08:15 +0000"
References: <[🔎] Pine.HPX.4.02.9901142031500.28856-100000@hebron.et.byu.edu> <[🔎] 19990114223925.E886@visi.net> <[🔎] 369E6ACF.E5862393@binary.net>

ktb writes:
> Hmmmm, my   ppp.log file shows the same:

> ~$ ls -l /var/log/ppp.log
> -rw-r-----   1 root     adm        848182 Jan 14 16:04 /var/log/ppp.log

> And as a regular user gives me this:
> ~$ plog
> Jan 14 16:03:25 crossyourfingers pppd[772]: sent [LCP EchoReq id=0x76 magic=0x3f1d]

Your "regular user" is in group adm, right? /var/log/ppp.log is in group
adm and is group readable.

> I looked at the file /var/log/ppp.log itself as a regular user using
> "cat" and found my password there.  So if I don't have to use plog as
> root do I have a security problem?

Depends.  Do you trust your "regular user"?

I don't know why your regular user would be in adm, though.
-- 
John Hasler
john@dhh.gt.org (John Hasler)
Dancing Horse Hill
Elmwood, WI

Reply to:

References:
- plog
  - From: Robert Kerr <kerrr@et.byu.edu>
- Re: plog
  - From: Ben Collins <bmc@visi.net>
- Re: plog
  - From: ktb <ktb@binary.net>

Prev by Date: Mail client (POP3) for both linux and Windows NT ?
Next by Date: Re: pygres in slink/hamm?
Previous by thread: Re: plog
Next by thread: Re: plog
Index(es):
- Date
- Thread