Thanks Bret & Steve, but this brings on another question.

Aren't you saying that you have no confidence in your firewall, and all
those updates you installed from RH ?

I agree Steve, if you're brain dead enough to type in your password when it
is asking for your username, then changing the perms would not be a sane
idea.

Ok, if changing the perms is a bad idea, then what are alternatives ?

Mike

-----Original Message-----
From: Steve Frampton [mailto:[EMAIL PROTECTED]]
Sent: Sunday, January 30, 2000 10:30 PM
To: [EMAIL PROTECTED]
Subject: Re: Security implications ?


On Sun, 30 Jan 2000, Bret Hughes wrote:

Mike Lewis wrote:

> The default perms on /var/log/messages are:
>
> -rw-------   1 root     root       162393 Jan 30 19:58 /var/log/messages
>
> What would be the security implications of changing the perms to 644 ?  What
> I'd like to do is tail my log without having to su.  Is there a better way ?

The implications are that sensitive information sometimes makes its way
into the log messages.  Like passwords when some quick-fingered fool
doesn't look at the screen and see they're being prompted for a
"Username:" rather than a password (I've seen it *dozens* of
times).  There are likely other things you wouldn't want a k1dd13 to see
either.

--------------< LINUX: The choice of a GNU generation. >--------------
Steve Frampton    <[EMAIL PROTECTED]>    Japan Communications, Inc.
Software Developer/Systems Administrator    http://www.j-com.co.jp/
GNU Privacy Guard ID: D055EBC5  (see http://www.gnupg.org for details)
GNU-PG Fingerprint: EEFB F03D 29B6 07E8 AF73  EF6A 9A72 F1F5 D055 EBC5


--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
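
An added example, not part of the thread: a shell check that reports which log files can be read by users other than the owner, which is the exposure Steve describes for mode 644. The function names and the sample files are made up for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): classify log files by who can read them.
# The files created in the demo are constructed samples, not real logs.

# Succeeds if the "other" read bit is set on FILE (as it is with mode 644).
world_readable() {
    [ -n "$(find "$1" -prune -perm -004 2>/dev/null)" ]
}

# Succeeds if the group read bit is set on FILE.
group_readable() {
    [ -n "$(find "$1" -prune -perm -040 2>/dev/null)" ]
}

# Print one classification line per regular file under DIR.
audit_logs() {
    find "$1" -type f | sort | while IFS= read -r f; do
        if world_readable "$f"; then
            echo "WORLD-READABLE $f"
        elif group_readable "$f"; then
            echo "GROUP-READABLE $f"
        else
            echo "OWNER-ONLY     $f"
        fi
    done
}

# Number of files under DIR that any local user can read.
count_world_readable() {
    find "$1" -type f -perm -004 | wc -l | tr -d ' '
}

# Demo: the default mode from the thread (600) next to the proposed 644.
demo_dir=$(mktemp -d)
: > "$demo_dir/messages";     chmod 600 "$demo_dir/messages"
: > "$demo_dir/messages.644"; chmod 644 "$demo_dir/messages.644"
audit_logs "$demo_dir"
echo "world-readable files: $(count_world_readable "$demo_dir")"
rm -rf "$demo_dir"
```
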

