severity 308897 critical 
tags 308897 security
thanks

please correct me if this is an overinflated severity. justification:
introduces a security hole on systems where you install the packages

in its default configuration, backup-manager stores a .tar.gz of /etc in
/var/backups. this file is world readable, so that any local user is
able to read /etc/shadow, /etc/ppp/chap-scripts and other interesting
bits from it.

a solution to this problem is to have backup-manager create files with
perms 0700.

ciao, paul
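
The exposure described in this report, as an added example that is not part of the original message and is not backup-manager code: the script below finds world-readable archives in a backup directory, creates a new archive under a restrictive umask, and tightens archives that already exist. The function names and the scratch directory layout are assumptions, and the shadow line is constructed sample data.

```shell
#!/bin/sh
# Added example (hypothetical helper names; not backup-manager code).

# Print every regular file under $1 that "other" is allowed to read.
list_world_readable() {
    find "$1" -type f -perm -004 -print
}

# Create a gzip'd tar of directory $2 at path $1 under umask 077, so the
# archive is owner-only from the moment it is created (no chmod window).
make_private_archive() {
    (
        umask 077
        tar -czf "$1" -C "$(dirname "$2")" "$(basename "$2")"
    )
}

# Strip group/other access from world-readable files already under $1.
tighten_existing() {
    find "$1" -type f -perm -004 -exec chmod go-rwx {} +
}

# Demo on a scratch directory with constructed data; touches nothing real.
demo() {
    work=$(mktemp -d) || return 1
    mkdir "$work/etc" "$work/backups"
    echo 'root:constructed-hash:19000::::::' > "$work/etc/shadow"
    chmod 600 "$work/etc/shadow"   # the source file itself is protected

    # Written under a typical 022 umask: the archive ends up mode 0644,
    # so the 0600 file inside it is readable by anyone who unpacks it.
    (umask 022; tar -czf "$work/backups/etc-weak.tar.gz" -C "$work" etc)
    make_private_archive "$work/backups/etc-private.tar.gz" "$work/etc"

    echo "world-readable before fix:"
    list_world_readable "$work/backups"
    tighten_existing "$work/backups"
    echo "world-readable after fix:"
    list_world_readable "$work/backups"
    rm -rf "$work"
}
demo
```

Setting the umask before the archive is written matters more than a later chmod, because a file that is created readable and then tightened is still exposed in between.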

