Any problem with making auditd log readable by the adm group?
Hi,
in Debian, the convention for many log files is to make them readable
by members of the adm group. We're considering doing the same for the
auditd logs, in order to make apparmor-notify work out-of-the-box.
The maintainer of auditd in Debian would like to know what's your take
on it. What kind of problem could be created if we did that?
Cheers,
--
intrigeri