[Pkg-freevo-maint] Bug#532795: passwords in local_conf.py are world readable and not encrypted

Daniel Pocock daniel at pocock.com.au
Thu Jun 11 18:03:02 UTC 2009

Package: freevo

/etc/freevo/local_conf.py can be read by all users

It contains unencrypted passwords for the web interface

Maybe the web interface passwords need to be kept in a separate file 
that is only readable by the user running the web server process?

More information about the Pkg-freevo-maint mailing list