Re: systemd requires HTTP server and serves QR codes

On Tue, Oct 09, 2012 at 08:17:41PM +0200, Lennart Poettering wrote:
> On Tue, 09.10.12 10:31, Matthew Miller (mattdm@xxxxxxxxxxxxxxxxx) wrote:
> 
> > On a related but tangential note: I notice that journalctl allows access to
> > members of the admin group by default. 
> 
> Well, I'd say this differently: we _restrict_ access to "adm", in
> contrast to the previous logic where everybody was allowed to read
> /var/log/messages and only root /var/log/secure.
> 
[snip]
> than the Fedora default of world-readability of logs, from a security
> PoV.
> 
A bit of a tangent but.... AFAICT, /var/log/messages has been 0600 root:root
for quite a while.  So it's more correct to talk about how changes have
opened up /var/log/messages to a group than how it's closed off a world
readable file.  Do your fresh installs show something different?

> > Could we make that a default on Fedora in addition to adm? (I assume this is
> > polkit but can't see it offhand -- hmmm... looks to be hard-coded in the
> > source?) I don't really have a strong opinion about whether adm should work
> > or not, but wheel should.
> 
> Well, we could of course add this as ACL, but I wonder if it wouldn't be
> nicer to declare that "adm" is for seeing, and "wheel" for doing as I
> suggested above.
> 
If so... usually people want to look at doing as a superset of seeing.  We
talk about read-only vs read-write a lot more than read-only vs write-only.

-Toshio


-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
