On Monday, 2002-04-29 at 02:40:57 +1000, Ian Cumming wrote:
> I was just cleaning up after rebuilding a machine, and I decided to take
> a look at the log file and /etc permissions.

Which release? Woody?

> I was quite alarmed. There seem to be many files with world readable
> permissions, which _shouldn't_.
> i.e.:
> /var/log/xfer.log

Probably depends on your flavour of ftp daemon. Mine is
-rw-r----- 1 root adm 335 Apr 24 15:46 /var/log/xferlog

> /var/log/samba/*

Here, /var/log/samba is:
drwxr-x--- 2 root adm 4096 Apr 28 07:48 /var/log/samba
The files *are*
-rw-r--r-- 1 root root 11144 Apr 28 14:49 log.nmbd
-rw-r--r-- 1 root root 1314 Apr 29 10:24 log.smbd
but this doesn't matter.

> /var/log/mailman/*

I don't have mailman, so I can't comment.

> and in /etc:
> /etc/proftpd.conf

I don't see anything that needs protection in my (default) proftpd.conf.

> /etc/netatalk/*

Don't have.

> /etc/smb/smb.conf

This one can have user names, so I guess it would be better off with
tighter access modes.

> /etc/apache-perl/cron.conf

I have no idea what this file is.

> What is the policy for log files? I understand that it doesn't do _that_
> much harm allowing others to read, but it does disclose more than I want
> to reveal.

Actually, having tighter access rights on logfiles may lead to the admin
handing out the root password to more people, resulting in lowered
security.

> And now every time I install a package, I'm paranoid about the
> permissions, so I have to go check them.

Be paranoid within reason. If you tighten security so much that you can
only work as root, you're easier to screw by trojans.

Lupe Christoph
--
| [EMAIL PROTECTED] | http://free.prohosting.com/~lupe |
| I have challenged the entire ISO-9000 quality assurance team to a |
| Bat-Leth contest on the holodeck. They will not concern us again. |
| http://public.logica.com/~stepneys/joke/klingon.htm |
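A defensive check in the spirit of this thread, added here and not part of either message: a POSIX shell function that lists regular files under the given directories whose mode grants read access to "other", printed with owner and group so they can be reviewed against the modes compared above (e.g. -rw-r----- root adm). It assumes only standard find(1) and ls(1); the directory arguments are whatever the reader wants to audit, such as /etc and /var/log.

```shell
#!/bin/sh
# Added example: report files readable by "other" under the given directories.
# Output: one "<mode> <owner>:<group> <path>" line per world-readable file.
audit_world_readable() {
    for dir in "$@"; do
        # -perm -004 matches any mode that includes the other-read bit (o+r).
        # Symlinks are skipped (-type f) so /etc/alternatives style links do
        # not produce noise.
        find "$dir" -type f -perm -004 2>/dev/null
    done | while IFS= read -r f; do
        # ls -ld gives: mode links owner group size date... name.
        # Fields 1, 3 and 4 are stable in POSIX ls output; the path is taken
        # from the loop variable so names containing spaces stay intact.
        set -- $(ls -ld "$f")
        printf '%s %s:%s %s\n' "$1" "$3" "$4" "$f"
    done
}

# Number of world-readable regular files under the given directories.
# Useful as a single value for a cron job or a post-install check
# (the "every time I install a package" worry in the thread).
count_world_readable() {
    audit_world_readable "$@" | wc -l | tr -d ' '
}

# Files that are world-readable AND owned by a user other than root; these
# are the ones a tighter mode (e.g. 640 root:adm) would most obviously fix.
audit_world_readable_nonroot() {
    audit_world_readable "$@" | awk '$2 !~ /^root:/'
}
```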