[Secure-testing-team] Bug#805638: dbconfig-common: Insecure permissions for backup directory
Simon Ruderich
simon at ruderich.org
Fri Nov 20 14:07:52 UTC 2015
Package: dbconfig-common
Version: 1.8.47+nmu3
Severity: important
Tags: security
Hello,
dbconfig-common creates a backup of the database on update and
stores it in /var/cache/dbconfig-common/backups/. However the
permissions are readable for all users which might expose
sensitive data to all local users.
Regards
Simon
--
+ privacy is necessary
+ using gnupg http://gnupg.org
+ public key id: 0x92FEFDB7E44C32F9
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20151120/0f0ac504/attachment.sig>
More information about the Secure-testing-team
mailing list