Better yet, read-only access to group adm and no access to world? So permissions 275.? Should the /var/log directory be itself be viewable/listable by world?
On Tue, 28 Mar 2000, Marco d'Itri wrote: > On Mar 28, Santiago Vila <[EMAIL PROTECTED]> wrote: > > >The /var/log directory should have permissions 2775 (group-writable and > >set-group-id) and be owned by root.adm. > > > >Rationale: root.adm is a better default than root.root. > This isn't a rationale, it's more like a joke. > Please explain the purpose of the adm group and why its members should > be able to destroy logs. A member of the adm group can't rotate logs > anyway because he can't restart syslogd. > > -- > ciao, > Marco
