Dne 07. 02. 20 v 13:19 Steffen Winterfeldt napsal(a):
On Thu, 6 Feb 2020, Josef Reidinger wrote:
clear logs before reproduce issue so it is really minimal. So save_y2logs have to be also run as root, but maybe what we can do there is add ability to pass user and chown tarball after calling. So something like `save_y2logs --user jreidinger` and resulting tarball will be readable by that user which looks like good compromise. and print warning if it is called without user specified.
That doesn't make much of a difference compared to having the log world-readable.
I think it is still better to limit the access to just one person than having it world readable. Unfortunately we cannot implement something like "make it readable for me if I want to attach it to bugzilla". We do not know what the user will do with the file or how long it will be kept in the system. And in this case it is better to be safe than sorry.
There's a logical contradiction in keeping the logs secret and at the same time asking the user to make it publicly available.
Because we do not know what will happen with the file later we stay on the safe side.
Keeping the restrictive permissions and presenting a brief text to the user exlaining things might be our best bet.
Yes, we probably cannot do much regarding this. But I like the Josef's "--user" idea, that could help a bit I think... -- Ladislav Slezák YaST Developer SUSE LINUX, s.r.o. Corso IIa Křižíkova 148/34 18600 Praha 8 -- To unsubscribe, e-mail: yast-devel+unsubscribe@opensuse.org To contact the owner, e-mail: yast-devel+owner@opensuse.org