On Fri, 12 Sep 2008 18:02:37 -0400
Greg Larkin <[EMAIL PROTECTED]> wrote:

> Hi Marco,
> Right you are!  In fact, after my initial logcheck commit, someone
> opened a PR stating something very similar to what you noted:
> http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/127255
> The submitter's point is that the logcheck user should not be part of
> the wheel group, since that also confers the ability to su to root and
> read many files that should be private.
> A patch has been committed very recently to remove the logcheck user
> from the wheel group and change the verbiage in pkg-message:
> http://www.freebsd.org/cgi/cvsweb.cgi/ports/security/logcheck/files/pkg-install.in.diff?r1=1.1;r2=1.2
> http://www.freebsd.org/cgi/cvsweb.cgi/ports/security/logcheck/files/pkg-message.in.diff?r1=1.1;r2=1.2
> Any file that needs to be analyzed by logcheck will now have to be
> readable by the logcheck group instead of the wheel group.
> Best regards,
> Greg
> - --
> Greg Larkin

I upgraded to the latest version today and now there is a separate
logcheck group. But logcheck still only works when the logfiles have
permission 644. Most of them had permissions set to 600 but then I get
the same error messages as before.

Or should I change the owner of all logfiles from root to logcheck and
then the permissions back to 600?

I'd rather just believe that it's done by little elves running around.
freebsd-questions@freebsd.org mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to