GNU bug report logs - #57701
Rotated logs has insecure file permissions

Previous Next

Package: guix;

Reported by: semente <semente <at> posteo.net>

Date: Fri, 9 Sep 2022 15:14:01 UTC

Severity: important

Tags: security

Merged with 64562

To reply to this bug, email your comments to 57701 AT debbugs.gnu.org.

Toggle the display of automated, internal messages from the tracker.

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to bug-guix <at> gnu.org:
bug#57701; Package guix. (Fri, 09 Sep 2022 15:14:01 GMT) Full text and rfc822 format available.
Acknowledgement sent to semente <semente <at> posteo.net>:
New bug report received and forwarded. Copy sent to bug-guix <at> gnu.org. (Fri, 09 Sep 2022 15:14:01 GMT) Full text and rfc822 format available.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: semente <semente <at> posteo.net>
To: "Guix Bug Reports" <bug-guix <at> gnu.org>
Subject: Rotated logs has insecure file permissions
Date: Fri, 09 Sep 2022 11:31:50 +0000

Rotated logs has different file permissions to the original log files.

For example the log file /var/log/secure:

-rw-r----- 1 root root  secure
-rw-r--r-- 1 root root  secure.1.gz
Added tag(s) security. Request was from Ludovic Courtès <ludo <at> gnu.org> to control <at> debbugs.gnu.org. (Fri, 21 Oct 2022 10:17:01 GMT) Full text and rfc822 format available.
Severity set to 'important' from 'normal' Request was from Ludovic Courtès <ludo <at> gnu.org> to control <at> debbugs.gnu.org. (Fri, 21 Oct 2022 10:17:02 GMT) Full text and rfc822 format available.
Merged 57701 64562. Request was from Maxim Cournoyer <maxim.cournoyer <at> gmail.com> to control <at> debbugs.gnu.org. (Tue, 12 Nov 2024 13:03:02 GMT) Full text and rfc822 format available.
This bug report was last modified 212 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.