[H-GEN] syslog
Matthew Tippett
matthew.tippett at dsto.defence.gov.au
Thu Nov 6 18:16:53 EST 1997
Martin Pool wrote:
>
> Foo. If you take this approach, you'll never find all of the scripts
> which need modification.
>
> You might try
>
> # chgrp wheel /var/log; chmod 2750 /var/log
>
> so that only good people can browse the log files.
>
> Though it isn't always the case, log-rotation files should be designed to
> preserve ownership and permissions. It's not that hard.
Most of the solutions so far have fixed a problem,
not stopped it
occuring. In the scripts set umask first, then
try to find out
why syslog has a umask of 022 (or similar).
If you stop syslog writing/creating a world
readable file then you
stop all the associated problems.
Setting a setid bit is useful, a bit
sledgehammerish however. In some
occasions a user whould like to look at log files.
Matt
----------------------- HUMBUG General List --------------------------------
echo "unsubscribe general" | mail majordomo at humbug.org.au # To Unsubscribe
More information about the General
mailing list