Mickaël Blanchard wrote: > Hello all, > > I have a suggestion about the permissions that should be set to > /var/log/btmp. > > This file records bad logins attempts, as you know. However, a common error > is to type its password instead of its login, when credential is asked by > the system. In such case, any user that can read this file may obtain > precious about another user's password (including root). > > So, that's why I suggest to change /var/log/btmp permissions to 0600 in > order to strenghten security.
OK. Committed. -- Bruce -- http://linuxfromscratch.org/mailman/listinfo/lfs-dev FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
