On Sat, May 27, 2000 at 06:51:58PM -0500, Nathan E Norman wrote: > On Thu, May 25, 2000 at 08:07:10PM -0800, Ethan Benson wrote: > [ snip ] > > all keeping the logs owned by the unpriviledged user seems to buy you > > is a security hole. > > That's why on new debian installations the log are owned by root.root. > However, if the logs were already owned by www-data.www-data they > won't be changed.
until 6:25 when cron fires off /etc/cron.daily/apache which chowns them to www-data.www-data mode 0664 i just installed fresh apache package from potato. i do see that /var/www is now owned by root.root instead of the evil www-data.www-data that is a big improvment, but the cron job is broken IMO. -- Ethan Benson http://www.alaska.net/~erbenson/
pgpPXimKbejqa.pgp
Description: PGP signature
