Re: Permissions of log files

From: Laurent Bercot <ska-skaware_at_skarnet.org>
Date: Sun, 03 Jan 2021 21:20:18 +0000

>I think it is possible to achieve this while also respecting the configured umask.
>
>What do you think?

  It really does not matter at all, and the log file permissions are
relaxed by default because it gives the user one and only one place to
set the permissions they want: the log directory.


>Not respecting the configured umask in s6-log deployments could be regarded as a security risk because it has the potential to expose sensitive log file content.

  It really should not. s6-log logs to *directories*, not to files, and
when it creates a log directory, its permissions are 0700 by default, so
there is no risk of leaking data. If the admin wants to make the logs
public, they just have to make the directory publicly readable;
otherwise, the restricted directory prevents access to the actual files.

  But I suppose having the files o-r would make it easier to transfer
them away from the original log directory, so there's also an argument
for restricting the permissions.

  In the end your idea that the log file permissions should be
configurable via the umask is a good one: by default the umask is
permissive and would give the current behaviour, and someone who wants
to securely transfer files away from logdirs would set a restrictive
umask before running s6-log. So I will probably make that change.
Thanks for the suggestion!

--
  Laurent
Received on Sun Jan 03 2021 - 21:20:18 UTC
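
The trade-off discussed in this message, as an added example (not part of the original e-mail and not s6-log code): a POSIX shell check that inspects mode bits only, showing that a 0700 log directory shields files created under a permissive umask until they are copied elsewhere with their mode preserved. The file name, the export directory and the helper functions are hypothetical.

```shell
#!/bin/sh
# Added example: names, paths and files below are constructed for illustration.

# Octal permission bits of a path (GNU stat, with a BSD fallback).
mode_of() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Create an empty file under a given umask. The shell asks for 0666 and the
# kernel clears the umask bits, as for any program honouring the umask.
make_log() {  # usage: make_log UMASK FILE
    ( umask "$1" && : > "$2" )
}

# Print "<state> <n>": state is "protected" when the directory denies search
# (x) to others, else "exposed"; n counts regular files with the o+r bit set.
audit_logdir() {
    case $(mode_of "$1") in
        *[1357]) state=exposed ;;
        *)       state=protected ;;
    esac
    n=0
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        case $(mode_of "$f") in
            *[4567]) n=$((n + 1)) ;;
        esac
    done
    echo "$state $n"
}

# Copy a log file out of a logdir, preserving its mode, and audit the result.
transfer_and_audit() {  # usage: transfer_and_audit UMASK
    tmp=$(mktemp -d)
    mkdir -m 0700 "$tmp/logdir"   # directory mode described in the message
    mkdir -m 0755 "$tmp/export"   # hypothetical world-searchable destination
    make_log "$1" "$tmp/logdir/current"
    before=$(audit_logdir "$tmp/logdir")
    cp -p "$tmp/logdir/current" "$tmp/export/"
    after=$(audit_logdir "$tmp/export")
    rm -rf "$tmp"
    echo "$before -> $after"
}

echo "umask 022: $(transfer_and_audit 022)"   # protected 1 -> exposed 1
echo "umask 077: $(transfer_and_audit 077)"   # protected 0 -> exposed 0
```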
