I was just browsing through the Linux Security HOWTO for tips on further securing my new firewall/router when I came across the following.
http://www.linuxdoc.org/HOWTO/Security-HOWTO-5.html The /var/log/wtmp and /var/run/utmp files contain the login records for all users on your system. Their integrity must be maintained because they can be used to determine when and from where a user (or potential intruder) has entered your system. These files should also have 644 permissions, without affecting normal system operation. Unless something I installed modified it, my /var/log/wtmp was set to 664. Is there a reason for this? Thanks, Matt Ray
