> Package: syslog,acct > > Hello, > > /var/log/auth.log and the other logfiels are world-readable. > I think this is a security problem.
I agree. Not only that, but on a related note, "locate" should not place non-world-readable files in its database. If I remove read/execute permission from a directory, I don't want someone to be able to scan it by simply doing a "locate <username>". Do you want to submit the bug report, or shall I, Bernd? -Andrew. <[EMAIL PROTECTED]>
