* hallyn 's eyes glaze over at all of the acronyms02:24
hallynbut the extra interesting thing is that for suse they've updated it to make exceptions for wtmp and lastlog bc - wonder of wonders - it breaks applications othewrise02:25
sarnoldi'm *shocked* utterly *shocked* that stomping all over the place without understanding what's happening would have consequences02:29
hallynbtw https://github.com/shadow-maint/shadow/issues/679 was the reason for my asking02:36
-ubottu:#ubuntu-security- Issue 679 in shadow-maint/shadow "Tighten /var/log/ default file permissions from 644 to 640" [Closed]02:36
sarnoldheh, nice02:37
=== chris14_ is now known as chris14
blahdeblahLOL, nice summary hallyn: https://github.com/shadow-maint/shadow/issues/679#issuecomment-146428431204:18
-ubottu:#ubuntu-security- Issue 679 in shadow-maint/shadow "Tighten /var/log/ default file permissions from 644 to 640" [Closed]04:18
ebarrettohallyn, they updated that on disa stig v1r7  08:08
bancroftHello, sorry this is a reposted question from #ubuntu. I just got a notice that apt-key is deprecated except for apt-key del. How can I get the equivalent of `apt-key adv --refresh-keys --keyserver keyserver.ubuntu.com`? Maybe someone here has a recommended approach that would be secure? 15:33
* sdeziel wishes https://wiki.debian.org/Teams/Apt/Spec/AptSign would replace GPG :)15:38
tewardsdeziel: this assumes they ever completed it - Teams/Apt/Spec/AptSign (last modified 2021-06-22 05:33:13)17:34
tewardso maybe that spec isn't spec17:34
sdezielone can always dream ;)17:35
tewardsdeziel: but bancroft does make a good point there's no easy replacement mechanism to refresh keys17:35
tewardthough it's not a  -security question on its own it begs a few questions17:35
* teward summons sarnold for evil security things17:36
sarnoldbancroft: there's some advice in https://blog.jak-linux.org/2021/06/20/migrating-away-apt-key/ on various replacement options17:59
* sarnold starts brewing a fresh pot of coffee for teward 17:59

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!