GNU bug report logs

#57701 Rotated logs has insecure file permissions

PackageSource(s)Maintainer(s)
guix PTS Buildd Popcon
Reply or subscribe to this bug. View this bug as an mbox, status mbox, or maintainer mbox

Report forwarded to bug-guix@gnu.org:
bug#57701; Package guix. (Fri, 09 Sep 2022 15:14:01 GMT) (full text, mbox, link).

Acknowledgement sent to semente <semente@posteo.net>:
New bug report received and forwarded. Copy sent to bug-guix@gnu.org. (Fri, 09 Sep 2022 15:14:01 GMT) (full text, mbox, link).

Message #5 received at submit@debbugs.gnu.org (full text, mbox, reply):

From: semente <semente@posteo.net>
To: "Guix Bug Reports" <bug-guix@gnu.org>
Subject: Rotated logs has insecure file permissions
Date: Fri, 09 Sep 2022 11:31:50 +0000
Rotated logs has different file permissions to the original log files.

For example the log file /var/log/secure:

-rw-r----- 1 root root  secure
-rw-r--r-- 1 root root  secure.1.gz

Added tag(s) security. Request was from Ludovic Courtès <ludo@gnu.org> to control@debbugs.gnu.org. (Fri, 21 Oct 2022 10:17:01 GMT) (full text, mbox, link).

Severity set to 'important' from 'normal' Request was from Ludovic Courtès <ludo@gnu.org> to control@debbugs.gnu.org. (Fri, 21 Oct 2022 10:17:02 GMT) (full text, mbox, link).

Send a report that this bug log contains spam.

debbugs.gnu.org maintainers <help-debbugs@gnu.org>. Last modified: Sun Sep 8 03:22:42 2024; Machine Name: wallace-server

GNU bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.