[xmonad] Issue 244 in xmonad: .xmonad/history permissions may allow
information leakage
codesite-noreply at google.com
codesite-noreply at google.com
Mon Dec 8 00:18:13 EST 2008
Status: New
Owner: ----
New issue 244 by j... at kitenet.net: .xmonad/history permissions may allow
information leakage
http://code.google.com/p/xmonad/issues/detail?id=244
What steps will reproduce the problem?
1. Use xmonad with XMonad.Prompt.Shell
2. Use the prompt to run some shell commands.
3. Observe ~/.xmonad/history is mode 644, and can be read by other users
if home directory permissions allow it.
What is the expected output? What do you see instead?
I'd expect a history file to be written with permissions that do not allow
the world to read it. Mode 600 is typical. This is because the file may
contain sensative information, up to and including passwords in some
circumstances, and home directory permissions sometimes don't block access.
(Eg, my home directory and .xmonad are 755, because I want other users to
be able to see my ~/.xmonad/xmonad.hs.)
What version of the product are you using? On what operating system?
0.8 of xmonad-contrib on Debian unstable
Please provide any additional information below.
If this error is due to a module from XMonadContrib, please tag this issue
with 'Component-Contrib' below.
Component-Contrib
--
You received this message because you are listed in the owner
or CC fields of this issue, or because you starred this issue.
You may adjust your issue notification preferences at:
http://code.google.com/hosting/settings
More information about the xmonad
mailing list