On Monday 14 November 2005 11:35 pm, Forrest Sedgwick wrote: > Hello everyone, I have a security question. I was wondering what the > risks are in making /var/log/messages readable by everyone. I am > often checking this log and right now I need to su every time to do > it. I have not modified syslog.conf in anyway, so the entry for > messages still reads: > > *.info;mail.none;authpriv.none;cron.none > /var/log/messages > > This is on my laptop, which is not used as any time of server or > anything. But since I'm a newbie I thought it would be a good idea > to check before changing around these types of security settings... > > Thanks, > -Forrest How about: * making a group 'messages', * chgrp'ing /var/log/messages * chmod 640 /var/log/messages * add your user to the group in /etc/groups That would let you view but not update the file, but what else it would affect I don't know. As the default mode seems to be 600 I wouldn't have thought much. -- Gary Stainburn This email does not contain private or confidential material as it may be snooped on by interested government parties for unknown and undisclosed purposes - Regulation of Investigatory Powers Act, 2000
