[DebianGIS-dev] Bug#572032: world readable file ~/.josm/preferences contains password in plaintext
Jonas Stein
news at jonasstein.de
Mon Mar 1 06:44:50 UTC 2010
Package: josm
Version: 0.0.svn2255-1
Justification: Policy 10.9
Severity: serious
*** Please type your report below this line ***
ls -al ~/.josm/preferences
returns -rw-r--r--
The problem with the plaintext password is nothing new.
But it is dangerous and could be avoided.
Josm should at least chmod 700 this file.
-- System Information:
Debian Release: squeeze/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.32-trunk-686 (SMP w/1 CPU core)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages josm depends on:
ii libgettext-commons-java 0.9.6-1 Java classes for
internationalizat
ii libmetadata-extractor-j 2.3.1+dfsg-1 JPEG metadata extraction
framework
ii openjdk-6-jre 6b17-1.7-1 OpenJDK Java runtime, using
Hotspo
ii openstreetmap-map-icons 1:0.0.svn18468-1 Collection of map icons
(classic s
ii sun-java6-jre 6-16-1 Sun Java(TM) Runtime
Environment (
Versions of packages josm recommends:
pn josm-plugins <none> (no description available)
josm suggests no packages.
-- no debconf information
More information about the Pkg-grass-devel
mailing list