Re: Making /var/log/messages readable

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Monday 14 November 2005 11:35 pm, Forrest Sedgwick wrote:
> Hello everyone, I have a security question.  I was wondering what the
> risks are in making /var/log/messages readable by everyone.  I am
> often checking this log and right now I need to su every time to do
> it.  I have not modified syslog.conf in anyway, so the entry for
> messages still reads:
>
> *.info;mail.none;authpriv.none;cron.none               
> /var/log/messages
>
> This is on my laptop, which is not used as any time of server or
> anything.  But since I'm a newbie I thought it would be a good idea
> to check before changing around these types of security settings...
>
> Thanks,
> -Forrest

How about:

* making a group 'messages', 
* chgrp'ing /var/log/messages 
* chmod 640 /var/log/messages
* add your user to the group in /etc/groups

That would let you view but not update the file, but what else it would 
affect I don't know.  As the default mode seems to be 600 I wouldn't 
have thought much.





-- 
Gary Stainburn
 
This email does not contain private or confidential material as it
may be snooped on by interested government parties for unknown
and undisclosed purposes - Regulation of Investigatory Powers Act, 2000     


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux