Michael,

Thanks for your reply.

/var/log/btmp should not be world readable because a common cause of login failures is to give password instead of username, which would result in passwords being world readable. See Debian bug 341883:

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=341883

sshd (from OpenSSH) will refuse to write to /var/log/btmp if it is world readable. This comment is from openssh/loginrec.c:

/*
 * Logs failed login attempts in _PATH_BTMP if that exists.
 * The most common login failure is to give password instead of username.
 * So the _PATH_BTMP file checked for the correct permission, so that
 * only root can read it.
 */

I don't think /var/log/wtmp or /var/run/utmp record failed logins, so they can be world readable.

Mark.

Michael Biebl writes:
> Control: tags -1 + moreinfo
>
> On 03.08.2017 at 18:46, Mark Charter wrote:
> > Package: systemd
> > Version: 232-25+deb9u1
> > Severity: normal
> >
> > Dear Maintainer,
> >
> > When /var/log/btmp is created at installation (by
> > /var/lib/dpkg/info/base-files.postinst) its permissions are 0660
> > (u=rw,g=rw,o=). When it is (re)created by log file rotation (in
> > /etc/logrotate.conf) its permissions are also 0660. But if it is
> > created by systemd, or after a reboot, its permissions (from
> > /usr/lib/tmpfiles.d/var.conf) are 0600. So its permissions can change
> > with time, and they often change across a reboot.
> >
> > I suggest that the three sources of file permissions should be made
> > consistent, for example by changing the permissions in
> > /usr/lib/tmpfiles.d/var.conf from
> >
> > f /var/log/btmp 0600 root utmp -
> >
> > to
> >
> > f /var/log/btmp 0660 root utmp -
>
> Why do /var/log/btmp and /var/log/utmp have different permissions, i.e.
> 0660 vs 0664 in Debian? That seems inconsistent as well.
>
>
> --
> Why is it that all of the instruments seeking intelligent life in the
> universe are pointed away from Earth?
_______________________________________________
Pkg-systemd-maintainers mailing list
Pkg-systemd-maintainers@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-systemd-maintainers
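
The check below is an added example, not part of the original thread or of any Debian package: it reads the mode that a tmpfiles.d file and a logrotate configuration each assign to /var/log/btmp, reports when the two disagree, and fails when either grants access to other users. The function names and the sample files are hypothetical, and the logrotate stanza layout is an assumption.

```sh
#!/bin/sh
# Added example: compare the modes that two configuration sources assign to
# /var/log/btmp. Function names and the sample files are hypothetical.

# Mode from a tmpfiles.d line of the form: f <path> <mode> <user> <group> <age>
tmpfiles_mode() {   # $1 = tmpfiles.d file, $2 = path
    awk -v p="$2" '$1 == "f" && $2 == p { print $3; exit }' "$1"
}

# Mode from the "create <mode> <user> <group>" directive in the path's stanza.
logrotate_mode() {  # $1 = logrotate config, $2 = path
    awk -v p="$2" '
        $1 == p                     { in_stanza = 1; next }
        in_stanza && $1 == "create" { print $2; exit }
        in_stanza && $1 == "}"      { in_stanza = 0 }' "$1"
}

# True when the last octal digit grants any access to "other".
has_other_access() {  # $1 = octal mode, e.g. 0660
    case "$1" in *[1-7]) return 0 ;; *) return 1 ;; esac
}

# Returns 0 = consistent and private, 1 = sources disagree, 2 = other access.
audit_btmp() {      # $1 = tmpfiles.d file, $2 = logrotate config, $3 = path
    t=$(tmpfiles_mode "$1" "$3"); l=$(logrotate_mode "$2" "$3")
    echo "tmpfiles.d=${t:-unset} logrotate=${l:-unset}"
    if has_other_access "$t" || has_other_access "$l"; then
        echo "FAIL: $3 would be accessible to other users"; return 2
    fi
    if [ "${t#0}" != "${l#0}" ]; then
        echo "WARN: mode of $3 changes between reboot and rotation"; return 1
    fi
    echo "OK"; return 0
}

# Constructed sample input mirroring the values quoted in the report.
demo() {
    d=$(mktemp -d)
    printf 'f /var/log/btmp 0600 root utmp -\n' > "$d/var.conf"
    printf '/var/log/btmp {\n    monthly\n    create 0660 root utmp\n}\n' \
        > "$d/logrotate.conf"
    audit_btmp "$d/var.conf" "$d/logrotate.conf" /var/log/btmp
    rc=$?; rm -rf "$d"; return "$rc"
}
demo || true
```

On a real system the two arguments would be /usr/lib/tmpfiles.d/var.conf and /etc/logrotate.conf, the paths named in the report.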