diff options
| author | peter <peter@FreeBSD.org> | 2000-07-14 01:12:50 +0000 |
|---|---|---|
| committer | peter <peter@FreeBSD.org> | 2000-07-14 01:12:50 +0000 |
| commit | d7ee90746cf828fdb44fbd975afca7a94a7fa072 (patch) | |
| tree | f83fda7d2daa4eaf9002dd66ff83a0677a7743ca /etc/Makefile | |
| parent | 758f41c92dac66f40115e5639b1432a55535f653 (diff) | |
| download | FreeBSD-src-d7ee90746cf828fdb44fbd975afca7a94a7fa072.zip FreeBSD-src-d7ee90746cf828fdb44fbd975afca7a94a7fa072.tar.gz | |
Change various log file modes from mode 664 to 644. Allowing group
wheel to trash logfiles is not exactly good security policy. There have
been several gid wheel holes in ports. Various other files were changed
as well (eg: the locate database were set to more restrictive modes (444)
by their generation scripts) so this should be safe for them. utmp and
wtmp are mode 644 already on all the systems we checked.
Submitted by: jkb
Reviewed by: kris
Diffstat (limited to 'etc/Makefile')
| -rw-r--r-- | etc/Makefile | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/etc/Makefile b/etc/Makefile index 9cd51d7..5356384 100644 --- a/etc/Makefile +++ b/etc/Makefile @@ -113,15 +113,15 @@ distribution: ${NOSPAM} ${DESTDIR}/etc/mail ${INSTALL} -c -o ${BINOWN} -g operator -m 664 /dev/null \ ${DESTDIR}/etc/dumpdates - ${INSTALL} -c -o nobody -g ${BINGRP} -m 664 /dev/null \ + ${INSTALL} -c -o nobody -g ${BINGRP} -m 644 /dev/null \ ${DESTDIR}/var/db/locate.database - ${INSTALL} -c -o ${BINOWN} -g ${BINGRP} -m 664 /dev/null \ + ${INSTALL} -c -o ${BINOWN} -g ${BINGRP} -m 644 /dev/null \ ${DESTDIR}/var/log/lpd-errs - ${INSTALL} -c -o ${BINOWN} -g ${BINGRP} -m 664 /dev/null \ + ${INSTALL} -c -o ${BINOWN} -g ${BINGRP} -m 644 /dev/null \ ${DESTDIR}/var/log/maillog - ${INSTALL} -c -o ${BINOWN} -g ${BINGRP} -m 664 /dev/null \ + ${INSTALL} -c -o ${BINOWN} -g ${BINGRP} -m 644 /dev/null \ ${DESTDIR}/var/log/lastlog - ${INSTALL} -c -o ${BINOWN} -g ${BINGRP} -m 664 /dev/null \ + ${INSTALL} -c -o ${BINOWN} -g ${BINGRP} -m 644 /dev/null \ ${DESTDIR}/var/log/messages ${INSTALL} -c -o ${BINOWN} -g ${BINGRP} -m 600 /dev/null \ ${DESTDIR}/var/log/security @@ -129,9 +129,9 @@ distribution: ${DESTDIR}/var/log/slip.log ${INSTALL} -c -o ${BINOWN} -g ${BINGRP} -m 600 /dev/null \ ${DESTDIR}/var/log/ppp.log - ${INSTALL} -c -o ${BINOWN} -g ${BINGRP} -m 664 /dev/null \ + ${INSTALL} -c -o ${BINOWN} -g ${BINGRP} -m 644 /dev/null \ ${DESTDIR}/var/log/wtmp - ${INSTALL} -c -o ${BINOWN} -g ${BINGRP} -m 664 /dev/null \ + ${INSTALL} -c -o ${BINOWN} -g ${BINGRP} -m 644 /dev/null \ ${DESTDIR}/var/run/utmp ${INSTALL} -c -o ${BINOWN} -g ${BINGRP} -m 664 ${.CURDIR}/minfree \ ${DESTDIR}/var/crash |
