> On Fri, Nov 03, 2000 at 04:50:27PM +1100, Ian wrote:
> > Hi,
> >
> > I have a slink->potato->woody server, and I am a little concerned about
the permissions some of the log files in /var/log have.
> >
> > There are too many to list, but here are some:
> > -rw-r--r-- 1 root root 8232348 Nov 3 06:43 tripwire
> > -rw-r--r-- 1 root root 10152 Nov 3 14:49 wdm.log
> > -rw-r--r-- 1 root root 0 Nov 3 06:26 mysql.err
> > -rw-r--r-- 1 root adm 0 Oct 29 06:47 cfingerd.log
> > -rw-r--r-- 1 root root 8483 Oct 22 12:42 dmesg
> > -rw-rw-r-- 1 root utmp 320908 Nov 3 16:43 lastlog
> > -rw-r--r-- 1 root root 947139 Nov 3 16:36 nmb
> >
> > why are these files read by all? I have "normal" users on my system, and
although I trust them, these kinds of permissions make me feel a little
paranoid. ie: they could be used by someone to investigate system use, etc..
>
> Hi,
>
> I have a slink->potato and eventualy I discovered that /var/log/ppp.log
was also -rw-r--r--
> Inside this file, you can se my ISP password in text only! Any user
could see it...
disable or lower the debug from the ppp options
---
;---+---;
bye |
bye |hor
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
