severity #291825 normal
thanks, mate
this isn't a 'wishlist' bug
wishlist
for any feature request, and also for any bugs that are very
difficult to fix due to major design considerations.
nor it is 'minor'
a problem which doesn't affect the package's usefulness, and is
presumably trivial to fix.
from: http://www.debian.org/Bugs/Developer#severities
On Sun, Jan 23, 2005 at 04:27:24PM +0100, Marc Haber wrote:
> severity #291825 wishlist
> tags #291825 wontfix
> thanks
>
> On Mon, Jan 24, 2005 at 12:54:43AM +1100, Anand Kumria wrote:
> > Debian policy[1], recommend directories have permissions of either 755
> > or 2755. The /var/log/exim4 directories do not.
>
> Feature. The log might contain confidenial data.
I am not asking for the permissions of logfiles to be changed.
I am asking for the permission of the directory containing the logfiles
to be changed to be in line with policy. Changing the permissions to be
in line with policy also allows useful a number of reasonable
administrative actions.
Having the directory containing the logfiles be inaccessible does not
serve the purpose of keeping the logfiles confidential since the logfile
permission already make them confidential!
> Add yourself to the adm group. Grepping logs as root is generally not
> a good idea.
Thanks for the suggestion. If it were just a single group I should add
myself to, that would be fantastic. However as an administrator my
choices are:
- add myself to every arbitary group that every arbitary Debian
maintainer would like me to (proxy, Debian-exim, adm, etc.)
- ask maintainers to follow the Debian policy when it comes to
directories and do things as root
For people whose time is unlimited they may choose to add themselves to
every group. Performing my requested change will not preclude them from
doing so. Performing my requested change also enables the second group
of administrators to undertake their work with a minimum of extra
stress.
On Sun, Jan 23, 2005 at 05:22:09PM +0100, Andreas Metzler wrote:
> On 2005-01-23 Marc Haber <[EMAIL PROTECTED]> wrote:
>
> > Add yourself to the adm group. Grepping logs as root is generally not
> > a good idea.
>
> I completely agree. Debian defines group adm exactly for this purpose.
> I do not think exim4 is doing anything wrong, the directory
> permissions act as a safeguard and do not limit suugested practice.
Per policy 10.9, the exim packages are.
Anand
--
linux.conf.au 2005 - http://lca2005.linux.org.au/ - Birthplace of Tux
April 18th to 23rd - http://lca2005.linux.org.au/ - LINUX
Canberra, Australia - http://lca2005.linux.org.au/ - Get bitten!
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
