desktopcouch needs to write .ini files readable only by user
Bug #422243 reported by
Eric Casteleijn
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
desktopcouch |
Fix Released
|
Critical
|
Stuart Langridge | ||
desktopcouch (Ubuntu) |
Fix Released
|
Undecided
|
Chad Miller |
Bug Description
Binary package hint: desktopcouch
Since the couchdb .ini files used by desktopcouch will contain login information we need to make sure they are not readable by any user other than the one the database belongs to.
Related branches
lp:~sil/desktopcouch/chmod-ini-files-422243
Merged
into
lp:desktopcouch
- Rick McBride (community): Approve
- Nicola Larosa (community): Approve
-
Diff: 17 lines1 file modifieddesktopcouch/local_files.py (+10/-0)
Changed in desktopcouch (Ubuntu): | |
status: | New → Confirmed |
assignee: | nobody → Stuart Langridge (sil) |
Changed in desktopcouch: | |
status: | New → Confirmed |
assignee: | nobody → Stuart Langridge (sil) |
importance: | Undecided → Critical |
milestone: | none → w25-karmic-finalfreeze |
tags: | added: ubuntuone-karmic |
Changed in desktopcouch: | |
status: | Fix Committed → Fix Released |
Changed in desktopcouch (Ubuntu): | |
status: | In Progress → Fix Committed |
Changed in desktopcouch (Ubuntu): | |
status: | Fix Committed → Fix Released |
Changed in desktopcouch: | |
status: | Fix Released → Fix Committed |
status: | Fix Committed → Fix Released |
To post a comment you must log in.
Two things:
1) We should restrict log files also.
2) It would be easier to only chmod the directories that contain them.
Or, just set the umask when we start up. Is there anything we make with desktopcouch that should be readable by other people?