Modify

Ticket #1191 (closed defect: fixed)

Opened 4 years ago

Last modified 4 years ago

/var/log/ebox bad perms

Reported by: jsalamero@… Owned by: juruen@…
Milestone: 1.0 Component: base
Severity: critical Keywords: security
Cc:

Description 

root@ebox:/var/log/ebox# ls -ld
drwxr-xr-x 3 ebox adm 4096 2008-12-11 20:41 .

which is open to everybody, it should be 750.

on a bug, when the data of the model is dumped to the log is a critical information disclosure break point.

Attachments

Change History

comment:1 Changed 4 years ago by ejhernandez@…

I think the problem is file permissions such as error.log, ebox.log that they should be 0750, not the directory itself.

comment:2 Changed 4 years ago by juruen@…

  • Status changed from new to closed
  • Resolution set to fixed

(In [12712]) set /var/log/ebox to 0750 closes #1191

View

Add a comment

Modify Ticket

Change Properties
<Author field>
Action
as closed
The resolution will be deleted. Next status will be 'reopened'
Author


E-mail address and user name can be saved in the Preferences.

Attachments
 
Note: See TracTickets for help on using tickets.