From owner-freebsd-hackers@FreeBSD.ORG Wed Nov 19 10:34:01 2008 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8BD481065672 for ; Wed, 19 Nov 2008 10:34:01 +0000 (UTC) (envelope-from yanefbsd@gmail.com) Received: from rv-out-0506.google.com (rv-out-0506.google.com [209.85.198.229]) by mx1.freebsd.org (Postfix) with ESMTP id 591B68FC19 for ; Wed, 19 Nov 2008 10:34:01 +0000 (UTC) (envelope-from yanefbsd@gmail.com) Received: by rv-out-0506.google.com with SMTP id b25so3216027rvf.43 for ; Wed, 19 Nov 2008 02:34:01 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:in-reply-to:mime-version:content-type :content-transfer-encoding:content-disposition:references; bh=jtRGQCFpBYcFF8AZmSXUlL7TcyLhT7U0/I7fm6SSoGg=; b=m/mwJypONrcS8EI+rkPOrNNT53KVgYXGu24EkjfmGGsSpEiFxPeZEKI57cSm0HG0uj kxntLo9EoVLK5hcVyIZpdo608/nGopX2SB4XLuNgIoSkXBpMryUfTlRVW40cfOQzRqeQ 3G9WFLjw1jDfE3eEflm4zLvQ7Z68EfvnttREk= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:in-reply-to:mime-version :content-type:content-transfer-encoding:content-disposition :references; b=Zt0x0rDXEgxUGTn6aakQjujcMGkZOMBdkvuE6IkpGlj9pYzzhVyNsSOyDd/jq1QxZL 1OuWA6TctIH4DVz05+8xci7OXmvcoaDCeiFg15VDUuBBlGyJGfiSTaDKmGqjoaFI6RT8 swzcPOzYniFaVCpcI11wTFORrIeWw8LfrpaV0= Received: by 10.141.162.9 with SMTP id p9mr510243rvo.45.1227088962577; Wed, 19 Nov 2008 02:02:42 -0800 (PST) Received: by 10.141.79.14 with HTTP; Wed, 19 Nov 2008 02:02:42 -0800 (PST) Message-ID: <7d6fde3d0811190202p4f6d8941h3932b70b8fe1a93a@mail.gmail.com> Date: Wed, 19 Nov 2008 02:02:42 -0800 From: "Garrett Cooper" To: "David Wolfskill" , "Ed Schouten" , "FreeBSD Hackers" In-Reply-To: <20081118214919.GM83287@bunrab.catwhisker.org> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <20081028081154.GQ6808@hoeg.nl> <20081118213410.GA81783@hoeg.nl> <20081118214919.GM83287@bunrab.catwhisker.org> Cc: Subject: Re: [Testers wanted] /dev/console cleanups X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Nov 2008 10:34:01 -0000 On Tue, Nov 18, 2008 at 1:49 PM, David Wolfskill wrote: > On Tue, Nov 18, 2008 at 10:34:10PM +0100, Ed Schouten wrote: >> ... >> One solution would be to let xconsole just display /var/log/messages. > > Errr... it may be rather a pathological case, but you might want to > check the content of /etc/syslog.conf on the local machine before > getting too carried away with that approach. > > For example, on my "firewall" box at home (where I really do not want to > log anything to local disk files, though I do have a serial console on it): > > janus(6.4-P)[1] grep -v '^#' /etc/syslog.conf > *.* @bunrab.catwhisker.org > janus(6.4-P)[2] > > And then consider the fate of bunrab -- with stuff getting logged to > /var/log/messages from various machines.... > >> ... >> I'll discuss this with others to decide if we should take such an >> approach. > > I'm not trying to be obstructionist, here. If the above case is really > "too pathological to consider" -- or if it's a case of me bringing that > fate upon myself, I suppose -- that's actually something I can live > with. It would be nice to be forwarned about it, though. :-} > > Peace, > david Uh, I second that. /var/log/messages shouldn't necessarily be accessible by non-root users. Also, OSX 10.5 protects against non-root access to dmesg. Not saying we should go that far, but it's already being implemented, so I don't see any harm in hiding the contents of `messages', as required by the sysadmin. -Garrett