From owner-freebsd-security  Thu Jul 12 19:52:30 2001
Delivered-To: freebsd-security@freebsd.org
Received: from mail.halplant.com (24-168-203-47.wo.cox.rr.com [24.168.203.47])
	by hub.freebsd.org (Postfix) with ESMTP id 281AE37B401
	for <FreeBSD-Security@FreeBSD.org>; Thu, 12 Jul 2001 19:52:28 -0700 (PDT)
	(envelope-from A.J.Caines@halplant.com)
Received: by mail.halplant.com (Postfix, from userid 1001)
	id 3E0091FD5; Thu, 12 Jul 2001 22:52:17 -0400 (EDT)
Date: Thu, 12 Jul 2001 22:52:17 -0400
From: Andrew J Caines <A.J.Caines@halplant.com>
To: FreeBSD Security <FreeBSD-Security@FreeBSD.org>
Subject: Re: Permission on /var/log
Message-ID: <20010712225217.F58433@hal9000.servehttp.com>
Reply-To: Andrew J Caines <A.J.Caines@halplant.com>
Mail-Followup-To: FreeBSD Security <FreeBSD-Security@FreeBSD.org>
References: <20010712204855.A23897@phxby.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <20010712204855.A23897@phxby.com>; from irwanhadi@phxby.com on Thu, Jul 12, 2001 at 08:48:55PM -0600
Organization: H.A.L. Plant
X-Powered-by: FreeBSD 4.3-STABLE
X-PGP-Fingerprint: C59A 2F74 1139 9432 B457  0B61 DDF2 AA61 67C3 18A1
Importance: Normal
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

Irwan,

> I don't know whether this question already asked many times or not, but is it
> okay that some log files at /var/log has permission 644 ? Shouldn't it be 600
> ?

That would be up to you as the sysadmin. You choose what to log, where to
log it and who can do what with those logs.

For example, you may want to keep security, auth and authpriv messages in
a log file with 600 permissions, while you may not care who can read the
the mail log.

What information gets written to what log is defined in syslog.conf. 

Don't forget to set the correct mode (and optionally ownership) in
newsyslog.conf so that permissions are correct after rotation.


-Andrew-
-- 
 ______________________________________________________________________
| -Andrew J. Caines-   Unix Systems Engineer   A.J.Caines@halplant.com |

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message