[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: [linux-security] LINUX:/var/log/messages world readable

From: Avery Pennarun <apenwarr foxnet net>
To: linux-security redhat com
Subject: Re: [linux-security] LINUX:/var/log/messages world readable
Date: Sat, 14 Dec 1996 15:36:47 -0500 (EST)

On Tue, 10 Dec 1996, Dave G. wrote:

> #!/bin/sh
> #
> # yankpw
> #
> # Under a lot of linux distributions(I know Redhat 3.0.3 and Slackware 3.0)
> # /var/log/messages is world readable. If a user types in his password at
> # the login prompt, it may get logged to /var/log/messages.
> #
> # I could swear this topic has been beaten to death, but I still see this
> # problem on every linux box I have access to.

On my Debian 1.1 system, the information is logged to /var/log/auth.log,
which has these default permissions:

    -rw-r-----   1 root     adm          1897 Dec 14 15:33 auth.log

Still readable by anyone in group adm, but not as dangerous as the
world-readable messages file (which, I believe, can stay world-readable on
most systems for convenience to users).

I don't know what the latest Red Hat would do.

[mod: That is actually the way it should be. I personally a) have the 
root password and b) want to be able to browse the messages files for
interesting stuff. I'd then add my useraccount to the group adm to be
able to freely do that. Red Hat 4.0 has the "secure" logfile, but it
has 644 permissions, and the login failures get logged to the "messages"
file anyway..... -- REW]

Avery

References:
- LINUX:/var/log/messages world readable
  - From: Dave G.

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]