|
From: Morris T. <mo...@em...> - 2015-03-24 10:25:07
|
Dear Andrew: I will reply your question tomorrow. sorry for not being able to reply you in-time. Dear All, Just a self-answering to my question: To change the default file permission for the audit log file, just change the value of SecAuditLogFileMode to what you want in modsecurity.conf. The related explanation of the variable is also attached as following: *Description:* Configures the mode (permissions) of any files created for concurrent audit logs using an octal mode (as used in chmod). See SecAuditLogDirMode for controlling the mode of created audit log directories. *Syntax:* SecAuditLogFileMode octal_mode|"default" *Default:* 0600 *Scope:* Any *Version:* 2.5.10 *Example Usage:* SecAuditLogFileMode 00640 This feature is not available on operating systems not supporting octal file modes. The default mode (0600) only grants read/write access to the account writing the file. If access from another account is needed (using mpm-itk is a good example), then this directive may be required. However, use this directive with caution to avoid exposing potentially sensitive data to unauthorized users. Using the value “default” will revert back to the default setting. -- BR, Morris On Tue, Mar 24, 2015, at 05:57 PM, Andrew Camilleri wrote: > Hi Morris! > > Just seen your email on modsecurity mailing list. Sorry for this, but > I am struggling to get modsecurity running and you managed to do it! > Wow! Can you please point me to some online resource that shows how > you did it? Also, can you please tell me the version of nginx + > modsecurity + OS? I am really stuck and any help would be > appreciated! Cheers! > > Andrew > > On 24 March 2015 at 09:49, Morris Taylor <mo...@em...> wrote: >> Dear All, >> >> I have installed mod security with my nginx server. However, I find >> the file permission of the audit log file is set to "-rw-r-----" (aka >> 640). I would like to ask where can I patch the related source code >> that let mod security create and write the audit log with the file >> permission set to "-rw-r--r--" (aka 644) ? Thanks a lot!. >> >> -- >> BR, Morris >> >> ------------------------------------------------------------------------------ >> Dive into the World of Parallel Programming The Go Parallel Website, sponsored >> by Intel and developed in partnership with Slashdot Media, is your hub for all >> things parallel software development, from weekly thought leadership blogs to >> news, videos, case studies, tutorials and more. Take a look and join the >> conversation now. http://goparallel.sourceforge.net/ >> _______________________________________________ >> mod-security-users mailing list >> mod...@li... >> https://lists.sourceforge.net/lists/listinfo/mod-security-users >> Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: >> http://www.modsecurity.org/projects/commercial/rules/ >> http://www.modsecurity.org/projects/commercial/support/ > |
