On Fri, 3 Nov 2000, Ian wrote: > I have a slink->potato->woody server, and I am a little concerned about > the permissions some of the log files in /var/log have. > [....] > why are these files read by all? I have "normal" users on my system, and > although I trust them, these kinds of permissions make me feel a little > paranoid. ie: they could be used by someone to investigate system use, > etc..
well.. if you have all logfiles owned by root you can make access to the /var/log for root and utmp group only (chmod 750) if you have a logfile of another user (mail for ex.) you can leave the permission as setted but no read/write for others and the /var/log must be open for all *** all the logfiles owned by root and group root might be readed only by root (chmod 600) *** pay attention for files of group utmp that might be readed/writed from this group. c-ya! 3 http://www.trek.eu.org/ k PGPKey: 7016731A57D4A69B 1A8EE5E90EF2608E (since 1995)
