Ticket #2416 (closed good practice: fixed)
ispCP log files shouldn't be readable by everyone
| Reported by: | nuxwin | Owned by: | scitech |
| Priority: | normal | Milestone: | ispCP ω 1.0.7 |
| Component: | Backend (Engine) | Version: | ispCP ω trunk |
Description (last modified by nuxwin)
According to good practices, and after the last discussion that I have had with Marc, all ispCP log files shouldn't be readable by everyone. We should prevent any potential revelation of sensitive information.
For the record, I report here the relevant passages of the discussion that I had with Marc:
About the logfile-related security fixes, don't you think that it would be good to make them non-world-readable in future releases? Almost every other program writes its logs non-world-readable, so I think it's standard practice...
Hello my dear;
Sure; you're right on this issue. Now, I (we) should think about the way to do the job. I'll inspect the current way of logging. If you have any idea about how to do that, you're welcome.
I think it would be enough to:
- Move ispcp-arpl-msgr logs from /var/log/ispcp/ispcp-arpl-msgr to /var/log/ispcp-arpl-msgr.
- In the set-engine-permissions.sh script, set the /var/log/ispcp folder perms as 750 with root:root owner.
- In the same script, set /var/log/ispcp-arpl-msgr perms as 750 with vmail:mail owner.
This way, even if the logfiles themselves are world-readable, users will not be able to get inside their parent folders. Hence, they'll be effectively prevented from reading them.
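The effect described in the last paragraph, as an added example that is not part of the ticket or of ispCP's scripts: a POSIX shell check that counts a log file as world-readable only when the file has o+r and every directory above it has o+x. The function names, the temporary tree and `sample.log` are constructed for illustration; the check looks at mode bits only, not ownership or ACLs.

```sh
#!/bin/sh
# Added example, not ispCP code. Assumes the reader is neither owner nor group
# member of any path component and that no ACLs are in use.

# Print one character of the `ls -ld` mode string for a path:
# position 8 = other-read, position 10 = other-execute (search, on a directory).
mode_char() {
    ls -ld -- "$1" | cut -c"$2"
}

# world_can_read FILE TOP: exit 0 if "other" can read FILE, i.e. FILE has o+r
# and every directory from its parent up to TOP (inclusive) has o+x.
world_can_read() {
    [ "$(mode_char "$1" 8)" = "r" ] || return 1
    wcr_dir=$(dirname -- "$1")
    while :; do
        case "$(mode_char "$wcr_dir" 10)" in
            x|t) ;;           # searchable by other ("t" = sticky bit plus x)
            *) return 1 ;;    # traversal is blocked here
        esac
        case "$wcr_dir" in "$2"|/|.) return 0 ;; esac
        wcr_dir=$(dirname -- "$wcr_dir")
    done
}

# list_exposed LOGDIR TOP: print each regular file under LOGDIR that "other"
# can effectively read.
list_exposed() {
    find "$1" -type f | while IFS= read -r le_file; do
        if world_can_read "$le_file" "$2"; then printf '%s\n' "$le_file"; fi
    done
}

# Constructed sample tree standing in for /var/log; sample.log is a placeholder.
make_sample_tree() {
    mst_top=$(mktemp -d) || return 1
    mkdir -p "$mst_top/ispcp" "$mst_top/ispcp-arpl-msgr"
    : > "$mst_top/ispcp/sample.log"
    : > "$mst_top/ispcp-arpl-msgr/sample.log"
    chmod 755 "$mst_top" "$mst_top/ispcp" "$mst_top/ispcp-arpl-msgr"
    chmod 644 "$mst_top/ispcp/sample.log" "$mst_top/ispcp-arpl-msgr/sample.log"
    printf '%s\n' "$mst_top"
}

top=$(make_sample_tree)
echo "world-readable with 755 directories:"; list_exposed "$top" "$top"
chmod 750 "$top/ispcp" "$top/ispcp-arpl-msgr"   # mode proposed in the ticket
echo "world-readable with 750 directories:"; list_exposed "$top" "$top"
rm -rf "$top"
```

With 755 directories both sample files are listed; after the `chmod 750` the second listing is empty even though the files themselves are still mode 644.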
- Summary changed from ispCP log files should'nt be readable by everyone to ispCP log files shouldn't be readable by everyone
- Owner changed from nuxwin to scitech
- Status changed from assigned to new
- Milestone changed from ispCP ω 1.0.8 to ispCP ω 1.0.7