On Thu, Aug 28, 2008 at 02:37:37PM -0700, Steve Langasek wrote: > On Thu, Aug 28, 2008 at 09:36:41AM +0200, Giacomo A. Catenazzi wrote: > > auth.log was invented for this reason, and separated to standard log: > > it should be readable only by root, > > Then there is a bug in another package if this is what "should" be, because > /var/log/auth.log is readable by group adm on all my systems.
I see the same (and a sarge box I checked also has that). I'm surprised enough by it that I think it must have changed at some point in the past. I don't think 'readable by group adm' is a reasonable default for /var/log/auth.log. It makes the adm group much less useful. Regards, Mark. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
