On 2005-01-23 Anand Kumria <[EMAIL PROTECTED]> wrote: > Package: polipo > Version: 0.9.7-1 > Severity: normal
> Hi, > Debian policy[1] recommends directories by 755 or 2755. I can > understand that polipo you may not have done this since the log file > might contain sensitive information. > Instead could you change the permissions of the logfile to be 0640 and > keep the directory as 755. This makes it convient if you are a system > administrater as you can look in the directory and perform actions such > as "sudo zgrep parse /var/log/polipo/*.[0-9].gz". > With the directory at 750 this isn't possible. [...] base-passwd's users-and-groups also says that log-fles should be readable by group adm.[1] Since polipo probably cannot generate files with gid adm, it is probably best to make /var/log/polipo 0750 proxy:adm. cu andreas [1] It says it the other way round: Members of this group can read many log files in /var/log, and can use xconsole. -- `What a good friend you are to him, Dr. Maturin. His other friends are so grateful to you.' `I sew his ears on from time to time, sure' -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
