You are not logged in.

#1 2019-11-15 19:27:12

regid
Member
Registered: 2016-06-06
Posts: 201

Does mode of /var/log/audit should have been 700 from the beginning?

Am I right that:

  1. Old audit packages stated mode 755 wrongly. Reference: bug #61713.

  2. Any user with mode 755 for this directory might have this due to the error on the part of old audit packages. There for, he should manually set the mode to 700.

  3. bug #61671 should be closed. Additional comments about closing might refer to this thread.

?


powerofforreboot.efi (AUR): Utilities to be used from within a UEFI boot manager or shell.

Offline

#2 2019-11-16 12:39:49

Lone_Wolf
Member
From: Netherlands, Europe
Registered: 2005-10-04
Posts: 11,868

Re: Does mode of /var/log/audit should have been 700 from the beginning?

Does mode of /var/log/audit should have been 700 from the beginning?

No, in the past kernel messages like dmesg were considered to be useful for all users, hence the 755 permisssions .

Recently many people have shifted stance and now feel the info in kernel messages helps attackers to compromise systems.
The chosen solution was to make those messages only accessible to root = 700 permisssions.

Last edited by Lone_Wolf (2019-11-16 12:40:25)


Disliking systemd intensely, but not satisfied with alternatives so focusing on taming systemd.


(A works at time B)  && (time C > time B ) ≠  (A works at time C)

Offline

Board footer

Powered by FluxBB