Bug#659039: mumble: Mumble database is world-readable
Marc Deslauriers
marc.deslauriers at ubuntu.com
Tue Feb 7 16:20:00 UTC 2012
Package: mumble
Version: 1.2.3-2
Severity: normal
Tags: patch
User: ubuntu-devel at lists.ubuntu.com
Usertags: origin-ubuntu precise ubuntu-patch
*** /tmp/tmpbbtG6M/bug_body
By default, Mumble creates it's config file and database with
world-readable permissions. The database may contain passwords.
In Ubuntu, the attached patch was applied to achieve the following:
* debian/patches/0004-set-file-permissions.patch: Set restrictive
permissions on data files. (LP: #783405)
Thanks for considering the patch.
-- System Information:
Debian Release: wheezy/sid
APT prefers precise-updates
APT policy: (500, 'precise-updates'), (500, 'precise-security'), (500, 'precise-proposed'), (500, 'precise')
Architecture: amd64 (x86_64)
Kernel: Linux 3.2.0-12-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
-------------- next part --------------
A non-text attachment was scrubbed...
Name: mumble_1.2.3-2ubuntu3.debdiff
Type: text/x-diff
Size: 2365 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-voip-maintainers/attachments/20120207/fa6fda39/attachment-0001.diff>
More information about the Pkg-voip-maintainers
mailing list