Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > General

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Thread Tools Display Modes
Old 3rd November 2010, 00:09
Norman Norman is offline
HowtoForge Supporter
Join Date: May 2006
Posts: 242
Thanks: 0
Thanked 18 Times in 14 Posts
Default Security question (best practise)

I noticed /var/log/ispconfig/cron.log is created as -rw-rw-rw-
Shouldn't it be -rw-r--r-- ?

(Just writable by root)
It'd be pretty bad if someone else writes or tampers with it and it is accidently executed by root using another shell or bypassing the no no execute chmod on it.
Reply With Quote
Sponsored Links
Old 3rd November 2010, 19:29
falko falko is offline
Super Moderator
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,749 Times in 2,579 Posts

I'd have to ask Till, but I could imagine that the permissions are like that on purpose so that cron jobs run by different users can be logged in the file. But that's just a guess.
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Security question bernholdt Server Operation 4 25th June 2010 10:57
Unable to install ISPConfig bdonecker Installation/Configuration 21 26th May 2009 09:20
mysql security question clark61 General 1 10th April 2009 11:12
security question kidalabama Installation/Configuration 5 8th October 2008 13:12
General Security Question mphayesuk General 4 1st September 2008 12:54

All times are GMT +2. The time now is 09:00.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.