> > I believe that the base-config logs should not be world readable. > > Some of the packages ask for passwords that are echoed back during > > the configuration (e.g. pppoeconf), albeit stored later in files > > not readable by the world. > > > THen this bug pertains to what you call pppoeconf (isn't this > pppconfig?) rather than base-config.....imho.
I thought someone might think so, but (imho as well) i still believe it's more of a non-package-related issue. As there is no policy saying things like "setup logs are world readable, so you MUST NOT echo passwords" for all the packages, the packages need not "know" about the base-config issues "wrapping" them. With the priority of debconf questions set at low, there are hundreds of questions asked. Are we going to review each and every of them to see if there's a security risk in logging the setup process? I think that, especially in the view of the absense of a policy in the likes of the above it is much more feasible to just make the logs unreadable by non-root (and actually I can't justify a setup in which it would be needed for a non-root to read them. They're only there for troubleshooting root's work, aren't they?) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
