martin f krafft wrote:
On all my Debian systems, /var/log seems like a big pile of dumps
without much consistency. Especially, while 0640:root:adm seems to
be a commonly accepted guideline, proggies like aptitude,
scrollkeeper, X, xdm, fontconfig, and many others basically just
dump
also sprach Martin Schulze [EMAIL PROTECTED] [2004.12.14.1955 +0100]:
be a commonly accepted guideline, proggies like aptitude,
scrollkeeper, X, xdm, fontconfig, and many others basically just
dump their files world-readable into there.
What's so private in these log files that they
On Tue, 14 Dec 2004 19:55:59 +0100, Martin Schulze [EMAIL PROTECTED] wrote:
What's so private in these log files that they should not world
readable?
A local user can look at usage patterns and formulate a plan of
attack. A badly written CGI can leak server data across the public
Internet.
On all my Debian systems, /var/log seems like a big pile of dumps
without much consistency. Especially, while 0640:root:adm seems to
be a commonly accepted guideline, proggies like aptitude,
scrollkeeper, X, xdm, fontconfig, and many others basically just
dump their files world-readable
On Tue, 14 Dec 2004, martin f krafft wrote:
- first suggest to make /var/log group adm and setgid, so that any
new files automatically belong to group adm.
No, not again. Please google a little bit more before proposing things.
For example, read the complete logs for Bug #35504.
also sprach Santiago Vila [EMAIL PROTECTED] [2004.12.14.0137 +0100]:
No, not again. Please google a little bit more before proposing
things. For example, read the complete logs for Bug #35504.
I read the complete log, and I read the thread at
6 matches
Mail list logo