oss-sec mailing list archives
Re: nginx world-readable logdir
From: gremlin () gremlin ru
Date: Fri, 22 Feb 2013 11:17:10 +0400
On 21-Feb-2013 18:50:14 +0100, Agostino Sarubbo wrote:
I just noticed my nginx logdir and its content are world-readable: What do you think about?
About misconfiguration? Nothing: % grep create /etc/logrotate.d/nginx create 640 root wheel % -- Alexey V. Vissarionov aka Gremlin from Kremlin <gremlin ПРИ gremlin ТЧК ru> GPG key ID: 0xEF3B1FA8, keyserver: hkp://subkeys.pgp.net GPG key fingerprint: 8832 FE9F A791 F796 8AC9 6E4E 909D AC45 EF3B 1FA8
Current thread:
- nginx world-readable logdir Agostino Sarubbo (Feb 21)
- Re: nginx world-readable logdir Henri Salo (Feb 21)
- CVE request: nginx world-readable logdir Henri Salo (Feb 21)
- Re: CVE request: nginx world-readable logdir Kurt Seifried (Feb 21)
- Re: CVE request: nginx world-readable logdir Anders Petersson (Feb 21)
- Re: CVE request: nginx world-readable logdir Anders Petersson (Feb 21)
- Re: CVE request: nginx world-readable logdir Kurt Seifried (Feb 21)
- Re: CVE request: nginx world-readable logdir Kurt Seifried (Feb 21)
- Re: nginx world-readable logdir Kurt Seifried (Feb 21)
- Re: nginx world-readable logdir gremlin (Feb 22)
- Re: nginx world-readable logdir Kurt Seifried (Feb 22)
- Re: nginx world-readable logdir Henri Salo (Feb 22)
- Re: nginx world-readable logdir gremlin (Feb 22)
- nginx CVE-2013-0337 world-readable logs gremlin (Feb 23)
- Re: nginx CVE-2013-0337 world-readable logs Kurt Seifried (Feb 24)