[H-GEN] syslog

[Anthony Towns]

-----BEGIN PGP SIGNED MESSAGE-----

On Tue, 4 Nov 1997, John Boggon wrote:

> I've noticed that normal users (ie: not root) have read access to my
> logfiles in /var/log and so can see the results of my chatscript which
> contains my password.

] # cd /var/log
] # chmod --recursive o-rwx *

...should do it for most of them. Note that just removing all access
isn't the best idea -- some non-root processes do logging as well.

Anything important _should_ be in the adm group. I doubt it will be
though:

] # grep ^adm: /etc/group 
               (find the group adm -- members appear in last col)
] adm:x:4:
] # grep "^[^:]*:[^:]*:[0-9]*:0*4:" /etc/passwd 
               (find the users whose default group is 4 (adm))           
] # _

In particular, though, the "\q" escape in chat will stop it writing
your password to the logs. A chat script something like
	ATDT000 CONNECT '' ogin: username word: password\q
should do the trick.
 
> I've only just installed Debian so this must be default, and it was the same
> with my Slackware setup.

You'd think they'd have more sense than this. Well, I would. Surely a
general user has no business going through your logs?
 
Cheers,
aj

- --
Anthony Towns <aj at humbug.org.au> <http://student.uq.edu.au/~s343676/>
I don't speak for anyone save myself. PGP encrypted mail preferred.

``NT, Networking, Security. Pick any two (you can't have all three).''
	-- _The Twelve Networking Truths_, RFC 1925, paraphrased 

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: ascii
Comment: Key available at http://student.uq.edu.au/~s343676/aj_key.asc

iQCVAwUBNF78CeRRvX9xctrtAQHsMwQAg+LFdjcroFvFDJrYuSgdj5mLSJDHT1bP
6HFOFWBmQ5goJ/qsEumkM5DOUns86VeQ9F5quVXl32EbnTOw7VM/FpDJ2JorAj7q
6HuhN9Uqz1+sdjj83WTqJC7TNCzdYjKteXeSTTMNsjb4PEfleIk0j+vS7Wm45/Wb
XPVo7+F+wP4=
=2pGB
-----END PGP SIGNATURE-----

----------------------- HUMBUG General List --------------------------------
echo "unsubscribe general" | mail majordomo at humbug.org.au # To Unsubscribe