On Sat, Sep 20, 2003 at 08:33:29PM +0400, Nikita V. Youshchenko wrote: > I've just found that on all my systems /dev/log has rw-rw-rw- permissions. > Is that Debian default?
It's the default just about everywhere. If it was not the case, then you'd have to put every user that you want to be able to write to log files in a group with each other. You can certainly do that, if you'd like. Define group "log" and add the various daemon users on your system to it. Then set more restrictive permissons on /dev/log. You might also check out the IETF's Secure Syslog working group. Maybe they are working on this problem. Then again, they're probably busy with the rest of the insecurities in the syslog protocol... noah
pgpSDeE6T4PgM.pgp
Description: PGP signature
