Bugtraq mailing list archives
Re: Changing default UMASK for all daemons
From: tsurmacz () ICT PWR WROC PL (Tomasz R. Surmacz)
Date: Mon, 16 Jun 1997 16:39:17 +0200
Joe Traister wrote:
On Fri, 13 Jun 1997, Dax Kelson wrote:This is applicable regarding files created by syslog, ftpd, etc.
[...]
This is from the Solaris 2.x FAQ: http://www.wins.uva.nl/pub/solaris/solaris2/ 3.48) How can I prevent daemons from creating mode 666 files?
[...]
Unfortunately this will not fix the problem with /var/log/syslog being 666 since the log rotation script /usr/lib/newsyslog explicitly sets the mode of this file to 666 when rotating it (at least under Solaris 2.5 on x86).
This is a completely different problem, which can be trivially solved by editing the /usr/lib/newsyslog script and changing 'chmod 666 $LOG' to 'chmod 644 $LOG' or if you want to do it 'the proper way' as Sun thinks you should, you may install the appropriate patch: 104614-01 SunOS 5.5.1_x86: /usr/lib/newsyslog patch 104613-01 SunOS 5.5.1: /usr/lib/newsyslog patch 104617-01 SunOS 5.4: /usr/lib/newsyslog patch Tomasz -- _________ (_ _' __) Tomasz R. Surmacz *--* Work:(071)320-2636 tsurmacz () ict pwr wroc pl | (__ \ http://www.ict.pwr.wroc.pl/~tsurmacz/ *----* Home: ts () wroc apk net |__(____/ For PGP key finger tsurmacz () asic ict pwr wroc pl *---* irc: TomekS
Current thread:
- Re: Netscape Exploit, (continued)
- Re: Netscape Exploit Micah Brandon (Jun 14)
- Re: Netscape Exploit Manoj Kasichainula (Jun 15)
- rshd gives away usernames David Holland (Jun 13)
- Re: rshd gives away usernames Erik Troan (Jun 13)
- Re: rshd gives away usernames Eric (Jun 13)
- Re: rshd gives away usernames Todd C. Miller (Jun 13)
- Re: rshd gives away usernames Alan Brown (Jun 14)
- Changing default UMASK for all daemons Dax Kelson (Jun 13)
- Re: Changing default UMASK for all daemons Joe Traister (Jun 14)
- Re: Changing default UMASK for all daemons Michael Helm (Jun 14)
- Re: Changing default UMASK for all daemons Tomasz R. Surmacz (Jun 16)
- Re: rshd gives away usernames Christophe Kalt (Jun 14)
- Netscape update on their web site Robert Watson (Jun 13)
- Re: Netscape update on their web site Manoj Kasichainula (Jun 13)
- Netscape Exploit... with technical details. Rusty Conover (Jun 13)
- Security Bulletins Digest Aleph One (Jun 13)