On 2016-05-24 17:10, Andreas Tille wrote: > Hi Andreas, > > thanks for running these tests. Could you be please be more verbose in > how far it is a problem if a program enables users to write logs on a > collective place which is the intention of enabling users to write > there? > > I confirm that its possible for other users to delete / change logs. > Well, yes, that could happen but its not security relevant in my eyes. > Any better suggestion is welcome.
Perhaps you want 1777? Are the logfile names predictable? Created in a safe way? eve $ ln -sf /home/bob/important.file /var/log/jmodeltest/bob.log bob $ run_jmodeltest # overwrites /home/bob/important.file ? Andreas
