Date: Mon, 3 Aug 1998 18:27:59 +1200 (NZST) From: Andrew McNaughton <andrew@squiz.co.nz> To: "M. Warner Losh" <imp@village.org> Cc: Sheldon Hearn <axl@iafrica.com>, "Jan B. Koum " <jkb@best.com>, security@FreeBSD.ORG Subject: Re: files in /var/log Message-ID: <Pine.BSF.3.96.980803182544.313B-100000@aniwa.sky> In-Reply-To: <199808020407.WAA05970@pencil-box.village.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 1 Aug 1998, M. Warner Losh wrote: > Date: Sat, 01 Aug 1998 22:07:33 -0600 > From: "M. Warner Losh" <imp@village.org> > To: Sheldon Hearn <axl@iafrica.com> > Cc: "Jan B. Koum " <jkb@best.com>, security@FreeBSD.ORG > Subject: Re: files in /var/log > > In message <24385.901543204@iafrica.com> Sheldon Hearn writes: > : By the same token, what _don't_ you want your users to see? As a > : non-administrative user on several FreeBSD systems, I would be most > : disappointed if my read access to maillog and messages were revoked. > > Privacy conerns would be a big reason to keep maillog non-readable. I > know my wife would go non-linear if just anybody on the system could > see who she sent mail to or received mail from.... > > Warner So provide a sgid script to provide a filtered view of the log. It need take no arguments at all, so it's easy to secure. Andrew To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.980803182544.313B-100000>