[sudo-users] log_output and log_input destination directories and files ownership and permissions
Luca Fornasari
luca.fornasari at furna.com
Wed Oct 26 13:41:47 MDT 2016
On Wed, Oct 26, 2016 at 9:15 PM, Todd C. Miller
<Todd.Miller at courtesan.com> wrote:
> The mode and owner for the I/O log files is not currently configurable.
> There's no reason it can't be made configurable, there simply hasn't
> been a demand for that before.
>
> Sudo doesn't explicitly set the group on I/O log files. For file
> systems with BSD group semantics the group is inherited from the
> parent directory. Otherwise, the files get the user's group. Since
> the file mode doesn't allow group access this is not a big deal.
>
> I'll put this on the roadmap for sudo 1.8.19.
>
> - todd
Thanks Todd for the fast reply, the explanation and for having this on
the roadmap.
Let me just remark that setting group access permission to 0 *is* a
deal when it comes to Linux file systems ACLs.
Anyway I can't wait for 1.8.19 to be available.
Cheers,
Luca
More information about the sudo-users
mailing list