Your message dated Tue, 5 May 2009 20:22:16 +0200
with message-id <[email protected]>
and subject line Re: Bug#524801: ntop: access.log permissions
has caused the Debian Bug report #524801,
regarding ntop: access.log permissions
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
524801: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524801
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
package: ntop
severity: important
tags: security

hello,

fedora issued the following as a security update for ntop [0]:

  ls -lh /var/log/ntop/access.log  -rw-rw-rw- 1 root root 0 2009-02-04
  11:53 /var/log/ntop/access.log    

  Fixed.  

  log world-writable when the --access-log- file option is used.
  This option is not used in Fedora or Red Hat by default and is not
  noted in the configuration file.  It is, however, noted in the ntop
  manpage. It would require the root user to add this option to the
  configuration in order for this file to be created.

is this a problem with ntop in debian, and should it be tracked as a
security issue?

[0] https://admin.fedoraproject.org/updates/F10/FEDORA-2009-2805



--- End Message ---
--- Begin Message ---
Hi Nico

Thanks for the reminder. This is not an issue for Debian.
This option is a default option whenever the ntop software is started by 
init.d/ntop
and no such permission problem could be found.

This is how ntop is started on init.d:
  start-stop-daemon --start --quiet --name $NAME --exec $DAEMON -- \
  -d -L -u $USER -P $HOMEDIR \
  --access-log-file=$LOGDIR/access.log -i "$INTERFACES" \
  -p /etc/ntop/protocol.list \
  -O $LOGDIR $GETOPT

moonstone:~# ls -l /var/log/ntop/access.log
-rw------- 1 ntop ntop 4829 May  5 20:15 /var/log/ntop/access.log

I also checked the source and I can not see any reason for why it could be a 
problem in debian.
The only reason would be if started with a rediccously wrong umask.

So I'm closing this bug now.

Best regards,

// Ola

On Tue, May 05, 2009 at 03:47:07PM +0200, Nico Golde wrote:
> Hi,
> any news on this one?
> 
> Cheers
> Nico
> 
> -- 
> Nico Golde - http://www.ngolde.de - [email protected] - GPG: 0x73647CFF
> For security reasons, all text in this mail is double-rot13 encrypted.



-- 
 --------------------- Ola Lundqvist ---------------------------
/  [email protected]                     Annebergsslingan 37      \
|  [email protected]                      654 65 KARLSTAD          |
|  http://inguza.com/                  +46 (0)70-332 1551       |
\  gpg/f.p.: 7090 A92B 18FE 7994 0C36  4FE4 18A1 B1CF 0FE5 3DD9 /
 ---------------------------------------------------------------


--- End Message ---

Reply via email to