tags 613767 +wontfix close 613767 thanks > When reporting a bug for monit with reportbug, reportbug tries to > include the config file /etc/monit/monitrc, but fails. > > First, since /etc/monit/monitrc is expected to be protected against > reading, reportbug should not try to include it.
It's a reportbug issue, not monit (e.g., you can reproduce this "bug" on the "at" package, with at.deny conffile). You can suppress inclusion of the configuration files. Please, consult the reportbug documentation. > Moreover, under some conditions (e.g. reportbug is run as root, even > though this is discouraged), the file would be included, which can > be a security problem as the file can contain passwords. Again, please read documentation. reportbug manpage says about configuration files: "By default, _you are asked if you want to include them_; in some cases, doing so may cause sensitive information to be sent via email." So, I will close this bugreport. It's not a bug. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
