Hey,

On Tue, 23 Oct 2001, Timothy Wilson wrote:

> I was adding a script to /etc/cron.daily today and I noticed that the
> stock scripts in there have their permissions set to 755. That seems strange
> to me. And while I'm at it, what should the perms be on log files in
> /var/log/?

Cron scripts need only be executable (not neccesarily readable) by the
user that will run them. As long as they're owned by the correct user they
can be 700.

Same for logs. They only need to be writable by the user who writes to the
log. For instance, if you're running Apache as user httpd, httpd needs to
have write permissions to /var/log/httpd/*. Nobody needs read permission -
root will be able to read it anyway.


-Yaron

--