Rotated logs has insecure file permissions

  • Open
  • quality assurance status badge
Details
3 participants
  • Ludovic Courtès
  • Maxim Cournoyer
  • semente
Owner
unassigned
Submitted by
semente
Severity
important
Merged with
S
S
semente wrote on 9 Sep 2022 13:31
(name . Guix Bug Reports)(address . bug-guix@gnu.org)
513050f2-2631-474b-9a31-8f9aa945dead@www.fastmail.com
Rotated logs has different file permissions to the original log files.

For example the log file /var/log/secure:

-rw-r----- 1 root root secure
-rw-r--r-- 1 root root secure.1.gz
L
L
Ludovic Courtès wrote on 21 Oct 2022 12:16
control message for bug #57701
(address . control@debbugs.gnu.org)
8735bh8ota.fsf@gnu.org
tags 57701 + security
quit
L
L
Ludovic Courtès wrote on 21 Oct 2022 12:16
(address . control@debbugs.gnu.org)
871qr18osy.fsf@gnu.org
severity 57701 important
quit
M
M
Maxim Cournoyer wrote on 12 Nov 14:00 +0100
control message for bug #64562
(address . control@debbugs.gnu.org)
878qto38tz.fsf@gmail.com
merge 64562 57701
quit
?
Your comment

Commenting via the web interface is currently disabled.

To comment on this conversation send an email to 57701@debbugs.gnu.org

To respond to this issue using the mumi CLI, first switch to it
mumi current 57701
Then, you may apply the latest patchset in this issue (with sign off)
mumi am -- -s
Or, compose a reply to this issue
mumi compose
Or, send patches to this issue
mumi send-email *.patch