[tor] Disallow group read for /var/log/tor
Jamie Nguyen
jamielinux at fedoraproject.org
Sun Mar 3 23:10:39 UTC 2013
commit d69d0008fc137ab16be8440106b885a994bdf31f
Author: Jamie Nguyen <j at jamielinux.com>
Date: Sun Mar 3 23:05:52 2013 +0000
Disallow group read for /var/log/tor
The plan was to change /var/lib/tor permissions to 0750 to match
/var/log/tor, but tor actually "fixes" the permissions back to
0700 at runtime. Thus, we'll change the permissions of /var/log/tor
to 0700 to match /var/lib/tor instead.
tor.spec | 7 +++----
1 files changed, 3 insertions(+), 4 deletions(-)
---
diff --git a/tor.spec b/tor.spec
index 4768e8b..ff5e43b 100644
--- a/tor.spec
+++ b/tor.spec
@@ -126,8 +126,8 @@ exit 0
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/tor/torrc
%config(noreplace) %{_sysconfdir}/logrotate.d/tor
-%attr(0750,%{toruser},%{torgroup}) %dir %{homedir}
-%attr(0750,%{toruser},%{torgroup}) %dir %{logdir}
+%attr(0700,%{toruser},%{torgroup}) %dir %{homedir}
+%attr(0700,%{toruser},%{torgroup}) %dir %{logdir}
%changelog
@@ -136,8 +136,7 @@ exit 0
upstream: https://bugzilla.redhat.com/show_bug.cgi?id=532373#c19
- remove unused files in git (verinfo and lastver)
- change URL to HTTPS
-- allow group read for %%{homedir}, which makes more sense as %%{logdir}
- also has group read
+- disallow group read for /var/log/tor
- remove TODO as it doesn't contain any useful information
* Fri Mar 01 2013 Jamie Nguyen <jamielinux at fedoraproject.org> 0.2.3.25-1928
More information about the scm-commits
mailing list