You are not logged in.

#1 2019-11-15 19:27:12

regid
Member
Registered: 2016-06-06
Posts: 171

Does mode of /var/log/audit should have been 700 from the beginning?

Am I right that:

  1. Old audit packages stated mode 755 wrongly. Reference: bug #61713.

  2. Any user with mode 755 for this directory might have this due to the error on the part of old audit packages. There for, he should manually set the mode to 700.

  3. bug #61671 should be closed. Additional comments about closing might refer to this thread.

?


pantum-p1000-p2000-p3000-m5100-m5200-ppd-driver (AUR): PPDs, drivers, for Pantum P1000, P2000, P3000, M5100, M5200 printers.
powerofforreboot.efi (AUR): Utilities to be used from within a UEFI boot manager or shell.

Offline

#2 2019-11-16 12:39:49

Lone_Wolf
Member
From: Netherlands, Europe
Registered: 2005-10-04
Posts: 8,201

Re: Does mode of /var/log/audit should have been 700 from the beginning?

Does mode of /var/log/audit should have been 700 from the beginning?

No, in the past kernel messages like dmesg were considered to be useful for all users, hence the 755 permisssions .

Recently many people have shifted stance and now feel the info in kernel messages helps attackers to compromise systems.
The chosen solution was to make those messages only accessible to root = 700 permisssions.

Last edited by Lone_Wolf (2019-11-16 12:40:25)


Multi-init booting with apg Openrc and systemd coexisting
Automounting : not needed, i prefer pmount
Aur helpers : makepkg + my own local repo === rarely need them

Offline

Board footer

Powered by FluxBB