On Mon, Feb 28, 2011 at 11:46:13AM -0500, Steve Grubb wrote: > On Friday, February 25, 2011 03:13:31 am Matthias Runge wrote: > > - change systems logs owners from root:root mode 600 to root:adm mode > > 640 (or something similar) > > So, what would be the implementation of this? How would logcheck or any log reader > work. Would they be setgid applications or would they start as root and change to this > new account? Usually they are run as the required user in a cron job and the admin (root) needs to configure / install them to run. For security reasons, logcheck should not be run with root permissions, but it still needs access to the log files to process them. Regards Till
Attachment:
pgpgctI_24bLs.pgp
Description: PGP signature
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
