Security question (best practise)
I noticed /var/log/ispconfig/cron.log is created as -rw-rw-rw-
Shouldn't it be -rw-r--r-- ?
(Just writable by root)
It'd be pretty bad if someone else writes or tampers with it and it is accidently executed by root using another shell or bypassing the no no execute chmod on it.
I'd have to ask Till, but I could imagine that the permissions are like that on purpose so that cron jobs run by different users can be logged in the file. But that's just a guess.
|All times are GMT +2. The time now is 11:32.|
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.