Home page logo

oss-sec logo oss-sec mailing list archives

Re: CVE request: psi+ stores the cache file as world-readable
From: Agostino Sarubbo <ago () gentoo org>
Date: Wed, 27 Feb 2013 00:38:22 +0100

On Tuesday 26 February 2013 14:27:23 Seth Arnold wrote:
Are there environments where ~/.cache isn't 0700 by default?
I don't know

You are completely right, but in case the .cache dir is not 0700, if these 
files are not world-readable the problem never exist.
Agostino Sarubbo
Gentoo Linux Developer

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]