Log permissions

AMMullan · 08-10-2004, 05:51 AM

Hey all

I'm just wondering if there is any big security hole in changing the log files in /var to 604 - the reason I ask is because I'm writing a PHP site that I will be able to access and i'd like to be able to logon and view my logs.

Can someone please give me some advice on this one?

Ta

pingu · 08-10-2004, 08:53 AM

It's not a big hole, but a security hole it is. It could give an intruder very much information about your system. I call it "Not a big hole" because of course your box is secure, right?

I'd say it's safer to logon via ssh and su to root. Not an expert in this subject, though, just my opinion.

chrism01 · 08-11-2004, 03:50 PM

I'd agree with Pingu.
Never confuse sysadmin stuff with application programming. It's just asking for trouble.

AMMullan · 08-12-2004, 04:10 AM

Thanks for the comments - i'll find another way of doing it and keep permissions as they are :-)