[Adduser-devel] Bug#331720: adduser: deluser --backup creates world readable file

Martin Geisler mgeisler at mgeisler.net
Tue Oct 4 22:04:29 UTC 2005

Package: adduser
Version: 3.63
Severity: normal
File: /usr/sbin/deluser

When making a backup with deluser, the resulting file is created like
any other file made by root, and with my umask of 022 it is world

This is bad since then everybody who get hold of it has access to the
old users files if the administrator does not take care to store the
backup in some safe place.

-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.6.8
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)

Versions of packages adduser depends on:
ii  debconf               Debian configuration management sy
ii  passwd                  1:4.0.3-31sarge5 change and administer password and
ii  perl-base               5.8.4-8          The Pathologically Eclectic Rubbis

-- debconf information:
* adduser/homedir-permission: true

More information about the Adduser-devel mailing list