You are not logged in.

#1 2019-11-15 19:27:12

regid
Member
Registered: 2016-06-06
Posts: 141

Does mode of /var/log/audit should have been 700 from the beginning?

Am I right that:

  1. Old audit packages stated mode 755 wrongly. Reference: bug #61713.

  2. Any user with mode 755 for this directory might have this due to the error on the part of old audit packages. There for, he should manually set the mode to 700.

  3. bug #61671 should be closed. Additional comments about closing might refer to this thread.

?


powerofforreboot.efi (AUR): Utilities to be used from within a UEFI boot manager or shell.

Offline

#2 2019-11-16 12:39:49

Lone_Wolf
Member
From: Netherlands, Europe
Registered: 2005-10-04
Posts: 7,455

Re: Does mode of /var/log/audit should have been 700 from the beginning?

Does mode of /var/log/audit should have been 700 from the beginning?

No, in the past kernel messages like dmesg were considered to be useful for all users, hence the 755 permisssions .

Recently many people have shifted stance and now feel the info in kernel messages helps attackers to compromise systems.
The chosen solution was to make those messages only accessible to root = 700 permisssions.

Last edited by Lone_Wolf (2019-11-16 12:40:25)


Multi-init booting with apg Openrc and systemd coexisting
Automounting : not needed, i prefer pmount
Aur helpers : makepkg + my own local repo === rarely need them

Offline

Board footer

Powered by FluxBB