[v3.1] rsyslog: some log files are created world-readable (CVE-2015-3243)
The default for syslog is $FileCreateMode 0644 but the rsyslog.conf
provided by the Debian package sets $FileCreateMode 0640
Reference:
https://security-tracker.debian.org/tracker/CVE-2015-3243
(from redmine: issue id 4409, created on 2015-07-01, closed on 2017-05-17)
- Relations:
- parent #4406 (closed)
- Changesets:
- Revision ade70fae by Natanael Copa on 2015-12-04T11:03:21Z:
main/rsyslog: fix default permissions (CVE-2015-3243). Fixes #4409