>> Any user can run lastb. > >you can fix that with chmod o= /var/log/btmp*
When the file is rotated, the old permissions will be restored, so you would have to fix the cron entry as well. I agree that it is possible to prevent others from running lastb, but it is easy to do it incorrectly, and you will have the dpkg system working against you (for example, the next upgrade will fix the changed cron entry). It is easier to accept that lastb isn't secure. tcp-wrappers gives more logging than mosdt people need, and solid passwords can prevent others from loggin in. Of course, the truly secuire fix is to disable telnet and rlogin, enable ssh, and to turn off password authentication (require RSA keypairs). Carl
