The previous explanation suggests that's not really an issue and not
worth stable update so I'm going to wontfix,
William, those tasks were assigned to you so feel free to reopen and
upload anyway if you feel like it's worth doing but in the current state
it seems like that wasn't enough of a priority to get worked on
Till, we might still want to change the default for futur upload even if
it's minor?
** Changed in: hplip (Ubuntu Bionic)
Status: New => Won't Fix
** Changed in: hplip (Ubuntu Focal)
Status: New => Won't Fix
** Changed in: hplip (Ubuntu Impish)
Status: New => Won't Fix
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to hplip in Ubuntu.
https://bugs.launchpad.net/bugs/1938442
Title:
Wrong permissions on ~/.hplip/.gnupg
Status in hplip package in Ubuntu:
New
Status in hplip source package in Bionic:
Won't Fix
Status in hplip source package in Focal:
Won't Fix
Status in hplip source package in Hirsute:
Won't Fix
Status in hplip source package in Impish:
Won't Fix
Status in hplip source package in Jammy:
New
Bug description:
[Impact]
* The directory ~/.hplip/.gnupg is readable by non-root users
* This directory contains only public keys, but should still
have the permissions changed to 700 for privacy reasons
[Test Case]
* Install hplip and run `hp-plugin -i`
* ls -al ~/.hplip and observe that ~/.hplip/.gnupg has perms drwxr-xr-x
* rm -rf ~/.hplip and install hplip from -proposed
* run `hp-plugin -i` again
* ls -al ~/.hplip and observe that ~/.hplip/.gnupg has perms drwx------
[Regression Potential]
* Because of file permissions becoming more restrictive,
it is possible that some other hplip binaries would
fail to read the .gnupg directory
* To ensure this isn't the case, testing should be done
on different hplip use-cases to ensure they still
function properly
[Original Description]
Hi,
we have a report in Fedora -
https://bugzilla.redhat.com/show_bug.cgi?id=1985251 - where Sergey
found out that ~/.hplip/.gnupg directory has permissions 755 instead
of 700. Perms 700 prevent accessing the dir by other users, because
the dir can contain private keys.
However, .gnupg dir contains only a public key used in GPG
verification of HP plugin, so the matter isn't that critical, but it
is good to have it fixed.
The patch is attached.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/hplip/+bug/1938442/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
