| 1 |
At 2004-11-17T10:22:40-0500, Casper the Friendly Ghost |
| 2 |
<casper@×××××××××××××××××.com> wrote: |
| 3 |
> Couldn't it be possible for grsec to have another option (restrict |
| 4 |
> /var/run/utmp and /var/log/wtmp) ? Users don't need neither read nor |
| 5 |
> write access (the logging done in the files is done at login). |
| 6 |
|
| 7 |
There's an easier way to restrict read access to a file than patching |
| 8 |
the kernel. |
| 9 |
|
| 10 |
chmod o-r /var/*/?tmp |
| 11 |
|
| 12 |
-- |
| 13 |
Batou: Hey, Major... You ever hear of "human rights"? |
| 14 |
Kusanagi: I understand the concept, but I've never seen it in action. |
| 15 |
--Ghost in the Shell |
Archives