On Apr 27, 2010, at 1:01 PM, Mark Ritchie wrote:
On 27/Apr/2010, at 11:56 AM, Chuck Hill wrote:
To be clear, I don't advocate changing the log file to be world
writable.
Why not? It is a log file, it is for debugging. How serious is
this security issue really compared to having debug log files that
few will ever figure out how to make work? Either I am missing
something, or that is a trade off that I'd be willing to look at.
Well, first off, my BOFH training says that I get to decide who can
write to my log files! ;-)
Secondly, the adaptor code isn't careful to check that it is a log
file before making changes to it.
In the case where these changes are done by a process running as
root, care must be taken.
Still sounds like a fine academic theory dashed on the sharp, jagged
rocks of reality to me. :-P
--
Chuck Hill Senior Consultant / VP Development
Practical WebObjects - for developers who want to increase their
overall knowledge of WebObjects or who are trying to solve specific
problems.
http://www.global-village.net/products/practical_webobjects
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list ([email protected])
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/webobjects-dev/archive%40mail-archive.com
This email sent to [email protected]
