On Tue, 28 Mar 2000, Wichert Akkerman wrote: > Previously Santiago Vila wrote: > > The /var/log directory should have permissions 2775 (group-writable and > > set-group-id) and be owned by root.adm. > > Why group writeable?
Good question. These are the permissions Bruce Perens gave to the /var/log directory a long time ago, and there is a similar policy for the /usr/local directory, so I based my first draft on this. Anyway, since noone think it is a good idea, I withdrawn the group-writable part. I modify my proposal to this: ----------------------------------------------------------------------- The /var/log directory should have permissions 2755 (set-group-id) and be owned by root.adm. ----------------------------------------------------------------------- Rationale: If group of logfiles which don't contain sensitive data does not matter and logfiles which contain sensitive data should be owned by root.adm, then root.adm is a better default than root.root. Manoj wrote: > What are your arguments for not letting the maintainer decide this on > their own? This policy will still let the maintainer to decide this on their own. I am still looking for seconds for this modified proposal. If you think this policy is harmful, please object and I'll drop it entirely. Thanks. -- "624683a2cc2372410330d8e82fa3ee07" (a truly random sig)
