On Mon, Mar 06, 2006 at 12:08:08PM -0500, John Baldwin wrote: +> Did you know about the -C option to newsyslog? newsyslog is a better too +> for creating the log files since its config file can specify permissions +> (owner, group, chmod).
I agree, but I didn't removed this functionality from the newsyslog(8). I wanted to have this simple functionality in syslogd(8) for a few small reasons: - I don't really buy that not creating log files is a security feature. - You don't always want newsyslog(8) (eg. on a embedded system). - Its more handy to add new log file and just restart syslogd without any errors, instead of editing newsyslog.conf, executing newsyslogd -C and then restarting syslogd. It still would be handy to tell newsyslogd(8) to always correct owner and permission (which it doesn't do currently, AFAIK) - root:wheel 0600 should be safe default for a log file in the meantime. -- Pawel Jakub Dawidek http://www.wheel.pl [EMAIL PROTECTED] http://www.FreeBSD.org FreeBSD committer Am I Evil? Yes, I Am!
pgpmX8FU34kUB.pgp
Description: PGP signature