[sudo-users] log_output and log_input destination directories and files ownership and permissions

Luca Fornasari luca.fornasari at furna.com
Wed Oct 26 13:41:47 MDT 2016

On Wed, Oct 26, 2016 at 9:15 PM, Todd C. Miller
<Todd.Miller at courtesan.com> wrote:
> The mode and owner for the I/O log files is not currently configurable.
> There's no reason it can't be made configurable, there simply hasn't
> been a demand for that before.
> Sudo doesn't explicitly set the group on I/O log files.  For file
> systems with BSD group semantics the group is inherited from the
> parent directory.  Otherwise, the files get the user's group.  Since
> the file mode doesn't allow group access this is not a big deal.
> I'll put this on the roadmap for sudo 1.8.19.
>  - todd

Thanks Todd for the fast reply, the explanation and for having this on
the roadmap.

Let me just remark that setting group access permission to 0 *is* a
deal when it comes to Linux file systems ACLs.

Anyway I can't wait for 1.8.19 to be available.


More information about the sudo-users mailing list