[xmonad] Issue 244 in xmonad: .xmonad/history permissions may allow information leakage

codesite-noreply at google.com codesite-noreply at google.com
Mon Dec 8 00:18:13 EST 2008

Status: New
Owner: ----

New issue 244 by j... at kitenet.net: .xmonad/history permissions may allow  
information leakage

What steps will reproduce the problem?
1. Use xmonad with XMonad.Prompt.Shell
2. Use the prompt to run some shell commands.
3. Observe ~/.xmonad/history is mode 644, and can be read by other users
    if home directory permissions allow it.

What is the expected output? What do you see instead?

I'd expect a history file to be written with permissions that do not allow
the world to read it. Mode 600 is typical. This is because the file may
contain sensative information, up to and including passwords in some
circumstances, and home directory permissions sometimes don't block access.
(Eg, my home directory and .xmonad are 755, because I want other users to
be able to see my ~/.xmonad/xmonad.hs.)

What version of the product are you using? On what operating system?

0.8 of xmonad-contrib on Debian unstable

Please provide any additional information below.

If this error is due to a module from XMonadContrib, please tag this issue
with 'Component-Contrib' below.


You received this message because you are listed in the owner
or CC fields of this issue, or because you starred this issue.
You may adjust your issue notification preferences at:

More information about the xmonad mailing list