On Wed, Jan 11, 2006, Bernhard Reiter wrote:
> Am Mittwoch, 11. Januar 2006 15:34 schrieb Bernhard Reiter:
> > By default the /openpkgdir/var/postfix/log/postfix.log is word readable.
> > This gives users of the system
> > the possibility to do some sort of email traffic analysis
> > for email flowing through the system.
> >
> > http://cvs.openpkg.org/getfile/openpkg-src/postfix/fsl.postfix?v=1.6
> > has
> >
> > file(
> > path="@l_prefix@/var/postfix/log/postfix.log",
> > perm=0644, monitor=3600
> > )
> >
> > I suggest to change this to perm=0644
>
> perm=0640 of course!
Hmmm... I see your point and from a paranoid security point of view the
file should be not world-readable. But keep in mind that from a paranoid
point of view even the output of commands like ps(1), df(1), etc are a
problem, of course.
OTOH this is a general issue and not really Postfix related. So we
should raise the general question whether logfiles in OpenPKG should be
world-readable or not? What are the opinions?
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
______________________________________________________________________
The OpenPKG Project www.openpkg.org
User Communication List openpkg-users@openpkg.org
