1 |
At 2004-11-17T10:22:40-0500, Casper the Friendly Ghost |
2 |
<casper@×××××××××××××××××.com> wrote: |
3 |
> Couldn't it be possible for grsec to have another option (restrict |
4 |
> /var/run/utmp and /var/log/wtmp) ? Users don't need neither read nor |
5 |
> write access (the logging done in the files is done at login). |
6 |
|
7 |
There's an easier way to restrict read access to a file than patching |
8 |
the kernel. |
9 |
|
10 |
chmod o-r /var/*/?tmp |
11 |
|
12 |
-- |
13 |
Batou: Hey, Major... You ever hear of "human rights"? |
14 |
Kusanagi: I understand the concept, but I've never seen it in action. |
15 |
--Ghost in the Shell |