The debian-private mailing list leak, part 1. Volunteers have complained about Blackmail. Lynchings. Character assassination. Defamation. Cyberbullying. Volunteers who gave many years of their lives are picked out at random for cruel social experiments. The former DPL's girlfriend Molly de Blanc is given volunteers to experiment on for her crazy talks. These volunteers never consented to be used like lab rats. We don't either. debian-private can no longer be a safe space for the cabal. Let these monsters have nowhere to hide. Volunteers are not disposable. We stand with the victims.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

world readable .../messages and the pon script



This must have come up before but I'll just mention it
here and maybe, well, whatever....

The default  _out of the box debian_  scripts for dialing
a ppp account which requires a password needs that password
in  /etc/ppp.chatscript. Yet this dialog is logged to 
/var/adm/messages which is world readable by default. In 
other words, anyone on this box can look up any ISP required
password just by cat'ing /var/adm/messages.  Am I making
sense ? /var/adm/messages is o+r and the pon chain logs
it's transactions to /var/adm/messages.

Anyway, either I may be stupid or there may be a BIG whole
in this set up. Might you care to extend any advice. This
box has three users and a different ISP each, is there a 
secure way for them to conduct there logins, each of which
require passwords?

mlarch@ix.netcom.com


--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-private-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .