[Pkg-mailman-hackers] Bug#803161: mailman: /var/log/mailman/* world-readable by default, leaking sensitive list information
Dominik George
nik at naturalnet.de
Tue Oct 27 17:41:35 UTC 2015
Hi,
>This issue can be considered a security vulnerability, but it is
>certainly not a rot security hole, hence lowering the severity.
I actually think reportbug is very clear in that regard:
„introduces a security hole allowing access to
root (or another privileged system account), or *data normally
accessible only by such accounts*“
But this is up to you.
-nik
--
PGP-Fingerprint: 3C9D 54A4 7575 C026 FB17 FD26 B79A 3C16 A0C4 F296
Dominik George · Mobil: +49-151-61623918
Teckids e.V. · FrOSCon e.V. · OpenRheinRuhr e.V.
Fellowship of the FSFE · Piratenpartei Deutschland
Opencaching Deutschland e.V. · Debian Contributor
LPIC-3 Linux Enterprise Professional (Security)
More information about the Pkg-mailman-hackers
mailing list