2011/1/24 Michael Ben-Nes <[email protected]>

> Hi everyone,
>
> I been asked to remove the adm group from one of the system I manage.
>
> What is the purpose of this group?
> Will the removal contribute to the general security of the OS?
>
>
Generally used for administrators in their non-privileged user, in order to
perform administrative jobs that relate to monitoring, reading logs from
/var/log - etc.

So you could put the admin user in this group, and every log file with adm
as the group would be readable by him (and chmod the logs to 640) - and not
to all the users on the system.

HTH,

-- Shimi
_______________________________________________
Linux-il mailing list
[email protected]
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il

Reply via email to