Re: /var/log/messages not world-readable anymore?
On Wed, 9 Jul 1997, Joey Hess wrote: Will Lowe: Well, here's an example of where it could be: I use diald to dial up an ISP account. Diald calls chat to execute a login-and-start-ppp script. Chat writes all of it's send/waitfor pairs to /var/log/messages. So anyone who can read /var/log/messages can also find my login and password for my ISP (in my case, my university). Not a problem here, becuase I use \q in the right places in my chat script to make the password not be shown. Any more examples of why this could be a security hole? I'm not sure why it is or isn't a security hole, but I think it might be a change in the new(er) version of sysklogd. I upgraded that package yesterday, and manually rotated my logs today, and voila! I could no longer tail -f my logs. Bummer. Pete Templin [EMAIL PROTECTED] -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
Re: /var/log/messages not world-readable anymore?
Dum == Debian user mail [EMAIL PROTECTED] writes: Dum and voila! I could no longer tail -f my logs. Bummer. Can't you just add yourself to the log (or whatever) group, then? -- SSM - Stig Sandbeck Mathisen Trust the Computer, the Computer is your Friend -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
Re: /var/log/messages not world-readable anymore?
Debian user mail writes: Any more examples of why this could be a security hole? I'm not sure why it is or isn't a security hole, but I think it might be a change in the new(er) version of sysklogd. I upgraded that package yesterday, and manually rotated my logs today, and voila! I could no longer tail -f my logs. Bummer. I don't like public readable logfiles that *can* contain confidential information. e.g. sendmail logs to that file who has sent a mail to whom. I believe this *is* confidential. If you don't think so, edit /etc/cron.weekly/sysklogd and make a manual chmod. Regards Joey -- / Martin Schulze * [EMAIL PROTECTED] * 26129 Oldenburg / / http://home.pages.de/~joey/ /Eine Kette ist nur so stark wie ihr schwächstes Glied / -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
Re: /var/log/messages not world-readable anymore?
Dum and voila! I could no longer tail -f my logs. Bummer. Can't you just add yourself to the log (or whatever) group, then? It's actually adm, but this seems the best solution. Brian ( [EMAIL PROTECTED] ) --- measure with micrometer, mark with chalk, cut with axe, hope like hell -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
/var/log/messages not world-readable anymore?
I've got sysklogd 1.3-17 and it's made /var/log/messages no longer be world readable. Is there some security problem with letting any user read it? -- see shy jo -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
Re: /var/log/messages not world-readable anymore?
On Wed, 9 Jul 1997, Joey Hess wrote: I've got sysklogd 1.3-17 and it's made /var/log/messages no longer be world readable. Is there some security problem with letting any user read it? Well, here's an example of where it could be: I use diald to dial up an ISP account. Diald calls chat to execute a login-and-start-ppp script. Chat writes all of it's send/waitfor pairs to /var/log/messages. So anyone who can read /var/log/messages can also find my login and password for my ISP (in my case, my university). Will [EMAIL PROTECTED] [EMAIL PROTECTED] http://www.ecl.udel.edu/~lowe/ * Good Idea: Feeding Stray Cats in the Park. Bad Idea: Feeding Stray Cats in the park ... to a bear. * -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
Re: /var/log/messages not world-readable anymore?
Will Lowe: Well, here's an example of where it could be: I use diald to dial up an ISP account. Diald calls chat to execute a login-and-start-ppp script. Chat writes all of it's send/waitfor pairs to /var/log/messages. So anyone who can read /var/log/messages can also find my login and password for my ISP (in my case, my university). Not a problem here, becuase I use \q in the right places in my chat script to make the password not be shown. Any more examples of why this could be a security hole? -- see shy jo -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
Re: /var/log/messages not world-readable anymore?
Joey Hess writes: I've got sysklogd 1.3-17 and it's made /var/log/messages no longer be world readable. Is there some security problem with letting any user read it? I don't like the idear of publically readable logfiles. If you like them, please edit /etc/cron.weekly/sysklogd. Regards Joey -- / Martin Schulze * [EMAIL PROTECTED] * 26129 Oldenburg / / A mathematician is a machine / / for converting coffee into theorems / -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
Re: /var/log/messages not world-readable anymore?
On Wed, 9 Jul 1997 12:44:03 -0400 (EDT), Will Lowe wrote: On Wed, 9 Jul 1997, Joey Hess wrote: I've got sysklogd 1.3-17 and it's made /var/log/messages no longer be world readable. Is there some security problem with letting any user read it? /var/log/messages can also find my login and password for my ISP (in my case, my university). Not if you enclose the password in '/q' like the standard /etc/ppp.chatscript does. -- Elite MicroComputers 908-541-4214 http://www.psychosis.com/emc/ -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
Re: /var/log/messages not world-readable anymore?
On Wed, 9 Jul 1997, Dave Cinege wrote: On Wed, 9 Jul 1997 12:44:03 -0400 (EDT), Will Lowe wrote: On Wed, 9 Jul 1997, Joey Hess wrote: I've got sysklogd 1.3-17 and it's made /var/log/messages no longer be world readable. Is there some security problem with letting any user read it? /var/log/messages can also find my login and password for my ISP (in my case, my university). Not if you enclose the password in '/q' like the standard /etc/ppp.chatscript does. Not entirely true! The example script shows: ABORTBUSY ABORTNO CARRIER ABORTVOICE ABORTNO DIALTONE ATDTedit phone number here ogin put login name here word \qput password here\q All of the sudden one day I noticed my password showing up in the log files. I had to eliminate the second \q and then add it to the next statement pair. So be carefull. http://www.sound.net/~wpmills/ - : W. Paul Mills : Bill, I was there several years ago. : : Topeka, Kansas, U.S.A. : Why would I want to go back tomorrow?: : [EMAIL PROTECTED] : Where were you! : : [EMAIL PROTECTED] : : : [EMAIL PROTECTED] : Linux: Tomorrow's operating system, : : [EMAIL PROTECTED] :here, today. : : [EMAIL PROTECTED] : : : compuserve 70023,1750 : #define MY_TRUE_LOVE computer: -- http://homepage.midusa.net/~wpmills/ - -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .