| |
A security note | page 9 of 12 |
You should beware that the log files written to by syslogd will be created
by the program if they don't exist. Regardless of your current umask setting,
the files will be created world-readable. If you're concerned about the
security, you should chmod the files to be read-write by root only.
Additionally, the logrotate program (described below) can be
configured to create new log files with the appropriate permissions. The
syslog daemon always preserves the current attributes of an existing log file,
so you don't need to worry about it once the file is created.
|