[v3.0] rsyslog: some log files are created world-readable (CVE-2015-3243)
The default for syslog is $FileCreateMode 0644 but the rsyslog.conf
provided by the Debian package sets $FileCreateMode 0640
Reference:
https://security-tracker.debian.org/tracker/CVE-2015-3243
(from redmine: issue id 4408, created on 2015-07-01, closed on 2017-05-17)
- Relations:
- parent #4406 (closed)
- Changesets:
- Revision 90863c29 by Natanael Copa on 2015-12-04T11:09:29Z:
main/rsyslog: fix default permissions (CVE-2015-3243). Fixes #4408