Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 26 May 2011 20:24:01 +0400
From: "(GalaxyMaster)" <galaxy@...nwall.com>
To: owl-dev@...ts.openwall.com
Subject: Re: access to log files

On Thu, May 26, 2011 at 06:16:26PM +0400, gremlin@...mlin.ru wrote:
> Just a suggestion:
> 
> 0620 root:syslogd -> 0640 syslogd:wheel

It's a bad suggestion, BTW, since it revokes rights from the syslogd to
be able to write to that file after the log rotation.  Our syslog drops
privileges, so after the rotation is done it's have effective group
syslogd and this is why the file is set group writable to that group.

Just my $0.02

-- 
(GM)

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ