ddns3-client (1.8-11)
* /etc/default/ddns3-client made readable by root only in debian/postinst
-- Ian Maclaine-cross Wed, 16 Nov 2011 18:01:04 +1100
** Changed in: ddns3-client (Ubuntu)
Status: Confirmed => Fix Released
** Changed in: ddns3-client (Ubuntu)
Assignee: (unassigned
Confirmed in 10.10 too.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.
https://bugs.launchpad.net/bugs/174997
Title:
World-readable config file is insecure
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubu
On 11/17/2008 08:54 PM, Tristan Schmelcher wrote:
> Can we not simply change the file's permissions in the .deb's internal
> tar archive? I recall testing other Ubuntu DDNS clients when I found
> this bug and others did _not_ have an analogous problem, so they must
> have found a decent solution.
>
Can we not simply change the file's permissions in the .deb's internal
tar archive? I recall testing other Ubuntu DDNS clients when I found
this bug and others did _not_ have an analogous problem, so they must
have found a decent solution.
--
World-readable config file is insecure
https://bugs.la
Confirmed in 8.04, 8.10, 9.04(, and Debian unstable). However, in the
source package, debian/README.Debian clearly states that you (as a
privileged user) should "chmod 600 /etc/default/ddns3-client to protect
your password".
We could work around this issue by creating a debian/postinst to
accompl
** Visibility changed to: Public
--
World-readable config file is insecure
https://bugs.launchpad.net/bugs/174997
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubun
