mumble-server creates world readable config file
Bug #704674 reported by
Felix Geyer
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
mumble (Debian) |
Fix Released
|
Unknown
|
|||
mumble (Ubuntu) |
Fix Released
|
High
|
Unassigned | ||
Hardy |
Fix Released
|
Undecided
|
Unassigned | ||
Karmic |
Fix Released
|
Undecided
|
Unassigned | ||
Lucid |
Fix Released
|
High
|
Unassigned | ||
Maverick |
Fix Released
|
High
|
Unassigned |
Bug Description
Binary package hint: mumble
mumble-server creates the config file /etc/mumble-
and doesn't change the permissions so it is world readable (0644).
The config file contains sensitive information like the server and sql password.
Changed in mumble (Ubuntu Lucid): | |
assignee: | nobody → Felix Geyer (debfx) |
status: | New → In Progress |
security vulnerability: | no → yes |
Changed in mumble (Debian): | |
status: | Unknown → Fix Released |
Changed in mumble (Ubuntu Lucid): | |
status: | New → Triaged |
Changed in mumble (Ubuntu Maverick): | |
status: | New → Triaged |
Changed in mumble (Ubuntu Hardy): | |
status: | New → Triaged |
Changed in mumble (Ubuntu Karmic): | |
status: | New → Triaged |
To post a comment you must log in.
Already fixed in natty (mumble 1.2.2-6).