From owner-freebsd-security Sun Aug 2 23:29:26 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id XAA04616 for freebsd-security-outgoing; Sun, 2 Aug 1998 23:29:26 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from aniwa.sky (aniwa.actrix.gen.nz [203.96.56.186]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id XAA04608 for ; Sun, 2 Aug 1998 23:29:21 -0700 (PDT) (envelope-from andrew@squiz.co.nz) Received: from localhost (andrew@localhost) by aniwa.sky (8.8.7/8.8.7) with SMTP id SAA01420; Mon, 3 Aug 1998 18:27:59 +1200 (NZST) (envelope-from andrew@squiz.co.nz) Date: Mon, 3 Aug 1998 18:27:59 +1200 (NZST) From: Andrew McNaughton X-Sender: andrew@aniwa.sky Reply-To: andrew@squiz.co.nz To: "M. Warner Losh" cc: Sheldon Hearn , "Jan B. Koum " , security@FreeBSD.ORG Subject: Re: files in /var/log In-Reply-To: <199808020407.WAA05970@pencil-box.village.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Sat, 1 Aug 1998, M. Warner Losh wrote: > Date: Sat, 01 Aug 1998 22:07:33 -0600 > From: "M. Warner Losh" > To: Sheldon Hearn > Cc: "Jan B. Koum " , security@FreeBSD.ORG > Subject: Re: files in /var/log > > In message <24385.901543204@iafrica.com> Sheldon Hearn writes: > : By the same token, what _don't_ you want your users to see? As a > : non-administrative user on several FreeBSD systems, I would be most > : disappointed if my read access to maillog and messages were revoked. > > Privacy conerns would be a big reason to keep maillog non-readable. I > know my wife would go non-linear if just anybody on the system could > see who she sent mail to or received mail from.... > > Warner So provide a sgid script to provide a filtered view of the log. It need take no arguments at all, so it's easy to secure. Andrew To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message