Wrong permissions on ~/.hplip/.gnupg
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
hplip (Ubuntu) |
Won't Fix
|
Low
|
Till Kamppeter | ||
Bionic |
Won't Fix
|
Low
|
William Wilson | ||
Focal |
Won't Fix
|
Low
|
William Wilson | ||
Hirsute |
Won't Fix
|
Low
|
Unassigned | ||
Impish |
Won't Fix
|
Low
|
William Wilson | ||
Jammy |
Won't Fix
|
Low
|
Till Kamppeter |
Bug Description
[Impact]
* The directory ~/.hplip/.gnupg is readable by non-root users
* This directory contains only public keys, but should still
have the permissions changed to 700 for privacy reasons
[Test Case]
* Install hplip and run `hp-plugin -i`
* ls -al ~/.hplip and observe that ~/.hplip/.gnupg has perms drwxr-xr-x
* rm -rf ~/.hplip and install hplip from -proposed
* run `hp-plugin -i` again
* ls -al ~/.hplip and observe that ~/.hplip/.gnupg has perms drwx------
[Regression Potential]
* Because of file permissions becoming more restrictive,
it is possible that some other hplip binaries would
fail to read the .gnupg directory
* To ensure this isn't the case, testing should be done
on different hplip use-cases to ensure they still
function properly
[Original Description]
Hi,
we have a report in Fedora - https:/
However, .gnupg dir contains only a public key used in GPG verification of HP plugin, so the matter isn't that critical, but it is good to have it fixed.
The patch is attached.
Changed in hplip (Ubuntu): | |
milestone: | none → impish-updates |
milestone: | impish-updates → focal-updates |
Changed in hplip (Ubuntu Jammy): | |
milestone: | focal-updates → none |
Changed in fedora: | |
importance: | Unknown → Undecided |
status: | Unknown → New |
affects: | fedora → ubuntu-translations |
no longer affects: | ubuntu-translations |
affects: | hplip → ubuntu-translations |
no longer affects: | ubuntu-translations |
Changed in hplip (Ubuntu Bionic): | |
importance: | Undecided → Low |
Changed in hplip (Ubuntu Focal): | |
importance: | Undecided → Low |
Changed in hplip (Ubuntu Hirsute): | |
importance: | Undecided → Low |
Changed in hplip (Ubuntu Impish): | |
importance: | Undecided → Low |
Changed in hplip (Ubuntu Jammy): | |
importance: | Undecided → Low |
Changed in hplip (Ubuntu Hirsute): | |
status: | New → Won't Fix |
Changed in hplip (Ubuntu Impish): | |
assignee: | nobody → William Wilson (jawn-smith) |
Changed in hplip (Ubuntu Focal): | |
assignee: | nobody → William Wilson (jawn-smith) |
Changed in hplip (Ubuntu Bionic): | |
assignee: | nobody → William Wilson (jawn-smith) |
Ubuntu 20.04 is affected too.