mailing list archives
Re: CVE request: psi+ stores the cache file as world-readable
From: Agostino Sarubbo <ago () gentoo org>
Date: Wed, 27 Feb 2013 00:38:22 +0100
On Tuesday 26 February 2013 14:27:23 Seth Arnold wrote:
Are there environments where ~/.cache isn't 0700 by default?
I don't know
You are completely right, but in case the .cache dir is not 0700, if these
files are not world-readable the problem never exist.
Gentoo Linux Developer