| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAGUWgD8rwjqj=yoU-wnO67eYs2g-0Qze6nJcgQyMeDQmCtRYoA@mail.gmail.com> Date: Thu, 12 Nov 2020 13:26:57 +0200 From: Georgi Guninski <gguninski@...il.com> To: fulldisclosure@...lists.org Subject: [FD] Scope of Debian's /home/loser is with permissions 755, default umask 002 On Debian /home/loser is with permissions 755, default umask 0022 (If you don't understand the numbers, this means a lot of files are world readable). On multiuser machines this sucks much. Question: How much sensitive data can be read on default install? Partial results: 1. mutt (text email client) exposes ~/.mutt/muttrc, which might contain the imap password in plaintext. 2. Some time ago on a multiuser debian mirror we found a lot of data, including the wordpress password of the admin. 3. Anything created by EDITOR NEWFILE is readable, unless the directory prevents. This include root doing EDITOR /etc/NEWFILE Debian said won't fix: https://www.openwall.com/lists/oss-security/2020/10/07/4 Consider contracting me for gnu/linux security, CV: https://j.ludost.net/resumegg.pdf _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists