-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Sun, 30 Jan 2000, Bret Hughes wrote:
Mike Lewis wrote:
> The default perms on /var/log/messages are:
>
> -rw------- 1 root root 162393 Jan 30 19:58 /var/log/messages
>
> What would be the security implications of changing the perms to 644 ? What
> I'd like to do is tail my log without having to su. Is there a better way ?
The implications are that sensitive information sometimes makes its way
into the log messages. Like passwords when some quick-fingered fool
doesn't look at the screen and see they're being prompted for a
"Username:" rather than a password (I've seen it *dozens* of
times). There are likely other things you wouldn't want a k1dd13 to see
either.
- --------------< LINUX: The choice of a GNU generation. >--------------
Steve Frampton <[EMAIL PROTECTED]> Japan Communications, Inc.
Software Developer/Systems Administrator http://www.j-com.co.jp/
GNU Privacy Guard ID: D055EBC5 (see http://www.gnupg.org for details)
GNU-PG Fingerprint: EEFB F03D 29B6 07E8 AF73 EF6A 9A72 F1F5 D055 EBC5
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.0 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE4lSvUmnLx9dBV68URAj59AJ9FyJU1XnvIqJjpgHgIGJ4qAuueSwCgk3Ie
TMRhIYwZo3zFP2Pc4PJSH2w=
=fUL/
-----END PGP SIGNATURE-----
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
