From 78eb04b9426dfd03a49aa2edde02fa40addbf1fe Mon Sep 17 00:00:00 2001
From: Robert Watson <rwatson@FreeBSD.org>
Date: Sat, 1 Sep 2001 21:00:28 +0000
Subject: [PATCH] o Note that some sites will want to select generally more
 conservative   permissions on some files, and give hints as to what those
 permissions   might be.  Note also that the current more liberal permissions
 might   get changed in future revisions.

---
 etc/newsyslog.conf | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/etc/newsyslog.conf b/etc/newsyslog.conf
index d4de96e5a2d..58789b72012 100644
--- a/etc/newsyslog.conf
+++ b/etc/newsyslog.conf
@@ -1,6 +1,12 @@
 # configuration file for newsyslog
 # $FreeBSD$
 #
+# Note: some sites will want to select more restrictive protections than the
+# defaults.  In particular, it may be desirable to switch many of the 644
+# entries to 640 or 600.  For example, some sites will consider the
+# contents of maillog, messages, and lpd-errs to be confidential.  In the
+# future, these defaults may change to more conservative ones.
+#
 # logfilename          [owner:group]    mode count size when [ZJB] [/pid_file] [sig_num]
 /var/log/cron				600  3	   100  *     Z
 /var/log/amd.log			644  7	   100  *     Z