2014-06-06 20:12:13 |
Mark Sapiro |
description |
Mailman creates log files with permissions -rw-rw-r--. This allows possibly untrusted local users to read those logs and possibly find sensitive information therein.
The same is true of lists/LISTNAME/request.pck files. |
Mailman creates log files with permissions -rw-rw-r--. This allows possibly untrusted local users to read those logs and possibly find sensitive information therein.
The same is true of lists/LISTNAME/request.pck files and data/heldmsg-* files. |
|