Package: syslog,acct Hello,
/var/log/auth.log and the other logfiels are world-readable. I think this is a security problem. Especially in auth.log there are often Passwords logged from users. In addition /var/accoun/pacct is readable, too. I think users should not be able to see ever executed command on a system (without beeing in group adm). Should i write a bug report for this, or is this an 'feature' of an opn system? Greetings Bernd -- (OO) -- [EMAIL PROTECTED] -- ( .. ) [EMAIL PROTECTED],ka.sub.org} http://home.pages.de/~eckes/ o--o *plush* 1024/E010B09D [EMAIL PROTECTED] +4972573817 *plush* (O____O) If privacy is outlawed only Outlaws have privacy
