On 2011-12-09 04:53 +0100, Daniel Hartwig wrote:
> Presently, the permissions of aptitude's log file are not different to
> those of apt or dpkg:
>
> -rw-r--r-- 1 root root 111461 Dec 1 00:02 /var/log/aptitude
> -rw-r--r-- 1 root root 601478 Dec 8 18:08 /var/log/dpkg.log
> -rw-r--r-- 1 root ro
also sprach Daniel Burrows [2004.12.14.0120 +0100]:
> Why? There's nothing confidential about the information in the
> log file; if you want to (eg) find out what vulnerable software
> is available on the system, the apt cache (which is also
> unprotected by default) is a much better plac
Daniel Burrows wrote:
> On Monday 13 December 2004 06:58 pm, martin f krafft wrote:
>> Please consider making the log file of aptitude root:adm with 0640
>> permissions, in accordance with the majority of other log files.
>
> Why? There's nothing confidential about the information in the log fi
3 matches
Mail list logo
