Remove read permission for others on senible log files

Signed-off-by: Christian König <ckoenig@posteo.de>
2025-04-24 00:00:14 +00:00 · 2022-06-19 23:09:05 +02:00 · 2022-06-19 23:09:05 +02:00 · 954a0c2a14
commit 954a0c2a14
parent b20aa865b9
3 changed files with 6 additions and 5 deletions
--- a/advanced/Scripts/piholeLogFlush.sh
+++ b/advanced/Scripts/piholeLogFlush.sh
@ -46,7 +46,7 @@ if [[ "$@" == *"once"* ]]; then
        # moved file (it will have the same file handler)
        cp -p /var/log/pihole/pihole.log /var/log/pihole/pihole.log.1
        echo " " > /var/log/pihole/pihole.log
-        chmod 644 /var/log/pihole/pihole.log
+        chmod 640 /var/log/pihole/pihole.log
    fi
 else
    # Manual flushing
@ -59,7 +59,7 @@ else
        echo " " > /var/log/pihole/pihole.log
        if [ -f /var/log/pihole/pihole.log.1 ]; then
            echo " " > /var/log/pihole/pihole.log.1
-            chmod 644 /var/log/pihole/pihole.log.1
+            chmod 640 /var/log/pihole/pihole.log.1
        fi
    fi
    # Delete most recent 24 hours from FTL's database, leave even older data intact (don't wipe out all history)