Maybe, but why those foldersmonths only? Itd be good to hear from JYA, especially b/c Netsol contradicts him.
> Sent: Sunday, October 11, 2015 at 9:13 PM > From: "Alfie John" <[email protected]> > To: [email protected] > Subject: Re: Why cryptome sold web logs to their paying customers? > > On Mon, Oct 12, 2015, at 04:08 AM, Dr. J Feinstein wrote: > > Resend–HTML email scrubbed > > > > Calling bullshit. Mirimirs right, this makes no sense. And JYA says > > netsol won't let him delete the logs but Netsol says logs are disabled > > by default[ > > https://www.networksolutions.com/support/how-to-enable-download-the-web-logs/] > > and you have to turn them on. > > > > So how the fuckd this really happen? > > > > Mirimir <[email protected]> Are you arguing that users could have > > found those logs? > > > > I almost can't imagine that. Logs are normally in /var/log/ somewhere, > > and I can't imagine making them searchable. And indeed, I can't > > imagine how Cryptome archives would have included anything from > > /var/log/, even after system restore from backups. > > > > <--SNIP--> > > > > > Should access logs be kept for that long? Absolutely not. From what > > > I> have read in the email exchange that was posted, the log files > > > were> included in a NetSol total restore. My guess is that > > > John/Cryptome did> not intentionally keep these files, and did not > > > realize these files were> included in the archive. > > But that's the thing. Logs should have been in /var/log/. And how > > would the "NetSol total restore" have changed that? > > Not necessarily... > > Logs in /var/log is where they should be by default, but if the box is > on a shared hosting account, then things are completely different. For > instance, Bluehost charges $3.95/month, which gets you a home directory > on a box shared with hundreds of other users. In your home directory, > you get something like (from memory, which was a long, long time ago): > > ~/ > ~/public_www/ > ~/public_www/html/ > ~/public_www/access_log > ~/public_www/error_log > > So as you can see, the user does have permissions to access logs, but > are kept in the user's _home_ directory. Now you can see why this could > have mistakenly been distributed: > > tar zcf cryptome-backup.tar.gz ~/ > > The backup would have also slurped in all the logs. There was no malice, > just an easy mistake that everyone here could have make given the same > circumstances. > > Alfie > > -- > Alfie John > [email protected] > >
