
On Wed, 28 Jun 2000, Roman Drahtmueller wrote:
> > Why do the log files have permissions set to 644 and not 600?
>
> It shouldn't generally be considered a problem since it doesn't contain secrets to the users. It may be advisable to keep it a little more conservative, though.

I don't agree. There may be a lot of information in log files that should not be accessible to everybody. Think of mail log entries - you may read who has sent a message of which size when to whom. To protect this is a question of privacy.

Or on older systems I frequently found entries of the type

    invalid password for `mypassword' on `tty1'

when users were hastily logging in and were out of phase with the login and password prompts. On many systems it's not too hard to check all available accounts for 'mypassword' (and it's all too bad if it's the root password that was logged).

I could not reproduce the latter effect with my recent configuration (/bin/login from shadow-980724-36 in SuSE 6.1). If the typed username at the login prompt is not valid it logs

    invalid password for `UNKNOWN' on `tty1'

Has the behaviour of /bin/login changed - can anybody confirm this?

Cheers
Thomas

|--------------------------------------------------------------------------|
| Thomas Forbriger     email: Thomas.Forbriger@geophys.uni-stuttgart.de    |
| Universitaet Stuttgart - Institut fuer Geophysik                         |
| Richard-Wagner-Str. 44    D-70184 Stuttgart    Germany                   |
| Tel ++49 (711) 121-3593 or 3422 or 3424 or 3590 | Fax ++49 (711) 2361218 |
| http://www.geophys.uni-stuttgart.de/thof                                 |
| "... there's nothing more bizarre than reality..." (M. Kindermann)       |
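
An added example, not part of the original thread: an audit that lists log files readable by "other" (such as mode 644) and flags `invalid password for` entries whose name field is neither `UNKNOWN' nor a known account, which is the mistyped-password case described in the message. The function names, the `known_users` parameter and the sample log lines are constructed for illustration.

```python
import os
import re
import stat
import tempfile

# Entry format quoted in the message above; group 1 is whatever was typed
# at the login prompt, group 2 is the terminal.
ENTRY = re.compile(r"invalid password for `([^']*)' on `([^']*)'")

def audit_logs(log_dir, known_users):
    """Return (world_readable, suspect) for regular files under log_dir.

    world_readable: paths with the "other read" bit set (e.g. mode 644).
    suspect: (path, line_no, tty) where the logged name is neither `UNKNOWN'
    nor a known account. The typed value itself is never returned.
    """
    skip = set(known_users) | {"UNKNOWN"}
    world_readable, suspect = [], []
    for root, _dirs, files in os.walk(log_dir):
        for name in sorted(files):
            path = os.path.join(root, name)
            mode = os.lstat(path).st_mode
            if not stat.S_ISREG(mode):
                continue  # skip symlinks, sockets and other non-regular files
            if mode & stat.S_IROTH:
                world_readable.append(path)
            with open(path, errors="replace") as fh:
                for no, line in enumerate(fh, 1):
                    m = ENTRY.search(line)
                    if m and m.group(1) not in skip:
                        suspect.append((path, no, m.group(2)))
    return world_readable, suspect

def build_sample(log_dir):
    """Write constructed log files (not real data) with modes 644 and 600."""
    msgs = ("Jun 28 10:01:02 host login[311]: invalid password for `thof' on `tty1'\n"
            "Jun 28 10:01:09 host login[311]: invalid password for `s3cr3t-example' on `tty1'\n"
            "Jun 28 10:02:40 host login[340]: invalid password for `UNKNOWN' on `tty2'\n")
    for name, mode, text in (("messages", 0o644, msgs),
                             ("mail", 0o600, "constructed mail log entry\n")):
        path = os.path.join(log_dir, name)
        with open(path, "w") as fh:
            fh.write(text)
        os.chmod(path, mode)  # set explicitly so the umask does not interfere

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:
        build_sample(d)
        print(audit_logs(d, known_users={"root", "thof"}))
```

On a real host, `known_users` could be filled from the account database (for example with `pwd.getpwall()`), and the audit has to run as a user allowed to read the logs.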