Package: cacti-cactid Version: 0.8.5a-8 Severity: normal Tags: experimental
This comand shows the cacti's database password. # su - www-data -c "cat /etc/cacti/cactid.conf" I think that sometimes it can be retrieved by a regular user. For instance, a user that can write php scripts. Regards. -- System Information: Debian Release: 3.1 APT prefers testing APT policy: (990, 'testing') Architecture: i386 (i686) Kernel: Linux 2.4.27 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Versions of packages cacti-cactid depends on: ii cacti 0.8.5a-8 Frontend to rrdtool for monitoring ii debconf 1.4.41 Debian configuration management sy ii libc6 2.3.2.ds1-18 GNU C Library: Shared libraries an ii libmysqlclient12 4.0.22-2 mysql database client library ii libsnmp5 5.1.2-6 NET SNMP (Simple Network Managemen ii libssl0.9.7 0.9.7e-2 SSL shared libraries ii zlib1g 1:1.2.2-3 compression library - runtime -- debconf information: * cacti/default-poller: cacti cacti-cactid/poller_name: /usr/lib/cacti/cactid -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
