[H-GEN] syslog
Matthew Tippett
matthew.tippett at dsto.defence.gov.au
Tue Nov 4 18:40:44 EST 1997
Craig Eldershaw wrote:
> >> Obvious question, how do I permanently remove read access from all but root
> >from / type "rm -rf 2>/dev/null &"
> Need a path in there somewhere... no fun otherwise :-)
One day some newbie is going to do this.....
> >seriously, chmod go= /var/log/* (or just the file(s))
>
> That will fix the current permissions...but does the system have a cron job
> to rotate the logs ? If so, then the current file (who's perms you have
> corrected) will be mv'ed (retaining perms), but the new one created will
> probably go back to the defaults (incl. the world read access). So if such
> log-rotation scripts exist, then they'll need modification too (basically by
> adding the chmod line to them).
If there is a log-rotation script just give the script an very tight umask.
Something like
umask 066
before files are moved/written/created should do the trick.
Matt
----------------------- HUMBUG General List --------------------------------
echo "unsubscribe general" | mail majordomo at humbug.org.au # To Unsubscribe
More information about the General
mailing list