[Gllug] Default messages perm
Bruce Richardson
itsbruce at uklinux.net
Sun Jun 4 13:50:26 UTC 2006
On Sun, Jun 04, 2006 at 01:04:38PM +0100, Nix wrote:
>
> Perhaps you don't care who can read those logfiles?
>
> Most non-security-critical logfiles on most machines I administer are
> world-readable, simply for convenience's sake. If a nasty cracker's
> reading some logfile would do no harm at all, why not make it world-
> readable?
Because if something sensitive ever did start appearing in those log
files (perhaps an upgrade caused some syslog confusion) then you are
exposed until you realise and you retrofit security.
In most computing environments, only sysadmins or key developers need to
see the logs, so restricting log visibility to an admin group is no big
hardship.
If you are secure by default, it's actually easier to be flexible when
necessary. Imagine you have a critical application problem that slipped
past QA and is causing problems in your production environment; if you
have locked your systems down sensibly, adding a temporary account for a
developer is not much of a hazard. You can give them access to what
they need with careful use of sudo and/or group membership. If you
have left things wide open, you either need to go scrambling around
before you give them access or just accept the associated risks.
--
Bruce
Explode!: thousands of lemmings can't be wrong.
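The "secure by default" stance above (logs readable only by an admin group, with access widened deliberately rather than retrofitted) is easy to check and enforce. The following shell script is an added example, not code from the original thread or from GLLUG: it audits a directory for world-readable files and tightens them to owner read/write, admin-group read, nothing for others. It assumes POSIX sh plus coreutils; the admin group name is a placeholder (default `adm`), and by default it works on a constructed temporary directory with sample files rather than a real `/var/log`, so it runs offline.

```shell
#!/bin/sh
# Added example (not from the original post): audit a log directory for
# world-readable files and restrict them to an admin group.
# Assumptions: POSIX sh + coreutils; ADMIN_GROUP is a placeholder (default
# "adm"); LOGDIR defaults to a constructed temp directory so nothing under a
# real /var/log is touched unless you set LOGDIR explicitly.

LOGDIR="${LOGDIR:-$(mktemp -d)}"
ADMIN_GROUP="${ADMIN_GROUP:-adm}"   # placeholder; use your site's admin group

# Constructed sample files standing in for typical /var/log contents.
make_sample_logs() {
    : > "$LOGDIR/messages"; chmod 644 "$LOGDIR/messages"   # world-readable
    : > "$LOGDIR/auth.log";  chmod 640 "$LOGDIR/auth.log"  # already restricted
    : > "$LOGDIR/app.log";   chmod 664 "$LOGDIR/app.log"   # world-readable and group-writable
}

# List regular files under $1 whose "other" read bit (octal 004) is set.
find_world_readable() {
    find "$1" -type f -perm -004
}

# Number of world-readable files under $1 (handy for a pass/fail check).
count_world_readable() {
    find_world_readable "$1" | wc -l | tr -d ' '
}

# Tighten permissions under $1: strip all "other" bits and group write.
# Group ownership is changed to ADMIN_GROUP only when the group exists on
# this host and the caller can actually chgrp to it (root or a member).
restrict_logs() {
    dir="$1"
    if getent group "$ADMIN_GROUP" >/dev/null 2>&1 \
       && { [ "$(id -u)" -eq 0 ] || id -Gn | tr ' ' '\n' | grep -qx "$ADMIN_GROUP"; }; then
        find "$dir" -type f -exec chgrp "$ADMIN_GROUP" {} +
    else
        echo "note: cannot chgrp to $ADMIN_GROUP here; leaving group ownership unchanged" >&2
    fi
    find "$dir" -type f -perm -004 -exec chmod o-rwx {} +
    find "$dir" -type f -perm -020 -exec chmod g-w {} +
}

make_sample_logs
echo "Before: $(count_world_readable "$LOGDIR") world-readable file(s) in $LOGDIR"
find_world_readable "$LOGDIR"
restrict_logs "$LOGDIR"
echo "After:  $(count_world_readable "$LOGDIR") world-readable file(s) in $LOGDIR"
```

Run it as-is to see the audit against the constructed files, or `LOGDIR=/var/log ADMIN_GROUP=adm sh script.sh` as root to apply the same policy for real. Giving a developer temporary access then becomes a matter of adding them to the admin group (or a sudo rule for the specific log files) rather than loosening the files themselves.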