Title: Removing install logs

KBTAG: kben10000155
URL: http://www.securityportal.com/lskb/10000150/kben10000155.html
Date created: 21/10/2000
Date modified:
Date removed:
Authors(s): Kurt Seifried seifried@securityportal.com
Topic: Removing install logs
Keywords: Install

Summary:

The majoroity of Linux installation programs create a log of the packages they have installed, and in many cases this file is stored in /tmp/. This has the unfortunate consequence of easily allowing an attacker to determine what software is installed on a system (and in most cases which version). This is somewhat similar to the bug in SuSE's apache configuration where the /usr/share/doc directory was made publically available, meaning attackers could determine installed software and version.

More information:

In Red Hat Linux this file is /tmp/install.log, most Linux distributions will print a message during installation saying where the file is kept. You should either remove the file or move it into root's home directory.