I think it is possible to achieve this while also respecting the configured 
umask.

What do you think?

 It really does not matter at all, and the log files permissions are
relaxed by default because it gives the user one and only one place to
set the permissions they want: the log directory.


Not respecting the configured umask in s6-log deployments could be regarded as 
a security risk because it has the potential to expose sensitive log file 
content.

 It really should not. s6-log logs to *directories*, not to files, and
when it creates a log directory, its permissions are 0700 by default, so
there is no risk of leaking data. If the admin wants to make the logs
public, they just have to make the directory publicly readable; otherwise,
the restricted directory prevents access to the actual files.

 But I suppose having the files o-r would make it easier to transfer
them away from the original log directory, so there's also an argument
for restricting the permissions.

In the end, your idea that the log file permissions should be configurable
via the umask is a good one: by default the umask is permissive and would
give the current behaviour, and someone who wants to securely transfer
files away from logdirs would set a restrictive umask before running
s6-log. So I will probably make that change. Thanks for the suggestion!

--
 Laurent
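The two layers described above, as an added example that is not part of this thread or of s6-log itself: the log directory is created 0700, and the mode of a file created inside it is whatever the caller's umask leaves of the requested mode. A plain shell redirection (requested mode 0666) stands in for s6-log's own file creation, which is an assumption; the function and its name are hypothetical.

```sh
#!/bin/sh
# Demonstrates how a umask set before the logger starts decides the mode of
# files inside a 0700 log directory, while the directory itself stays 0700.
# A redirection (requested mode 0666) stands in for s6-log creating
# "current"; this is an assumption, not s6-log's actual code.

# Usage: logfile_mode_under_umask MASK
# Creates a 0700 logdir, creates a file inside it with MASK in effect, and
# prints "<dir mode> <file mode>" in ls notation, e.g.
#   drwx------ -rw-------
# The temporary tree is removed afterwards.
logfile_mode_under_umask() {
    mask=$1
    logdir=$(mktemp -d) || return 1
    chmod 700 "$logdir"   # s6-log's default for a freshly created logdir

    # Set the umask in a subshell only, the way an admin would set it just
    # before exec'ing s6-log, so the caller's own umask is left untouched.
    ( umask "$mask" && : > "$logdir/current" ) || { rm -rf "$logdir"; return 1; }

    # First ten characters of ls -ld are the type and permission bits;
    # this avoids stat(1), whose flags differ between GNU and BSD.
    dmode=$(ls -ld "$logdir" | cut -c1-10)
    fmode=$(ls -ld "$logdir/current" | cut -c1-10)
    rm -rf "$logdir"
    printf '%s %s\n' "$dmode" "$fmode"
}

# Permissive umask: file is world-readable, but only the 0700 directory
# protects it. Restrictive umask: the file is protected on its own, so it
# can be moved out of the logdir without leaking.
logfile_mode_under_umask 022
logfile_mode_under_umask 077
```

With umask 022 the file comes out as `-rw-r--r--`; with umask 077 it is `-rw-------`, and the directory is `drwx------` in both cases.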
