Subject: Re: ktrace
To: Emmanuel Dreyfus <p99dreyf@criens.u-psud.fr>
From: Manuel Bouyer <bouyer@antioche.lip6.fr>
List: tech-security
Date: 01/15/2001 22:01:48
On Mon, Jan 15, 2001 at 04:56:30PM +0100, Emmanuel Dreyfus wrote:
> When running ktrace as root, the ktrace.out file is created according to
> root's umask. Don't you think it would be better to force that file to
> mode 600? 
> 
> As it is today, a negligent system administrator can leave a
> world-readable ktrace.out file in the filesystem, and this file might
> contain sensitive information 
> 
> Opinions?

Yes, that would be a good idea. I can't see a situation where a user would want
to read the ktrace.out of someone else (and don't have root access or passwd
do su).

--
Manuel Bouyer <bouyer@antioche.eu.org>
--