Bug#598128: arora: creates drwxr-xr-x directories

[att200...@yahoo.it]

Package: arora
Version: 0.2-1
Severity: normal

Hi,

using KDE, if Arora is started from another user for the first time, it creates 
the ".local/" directory and 
and its content (".local/share/", ".local/share/data/", 
".local/share/data/Arora/") with "drwxr-xr-x" mode.

e.g.
at...@foscolo:~$ ls -al | fgrep local
drwx------  3 athos athos 4096 2010-04-23 16:04 .local
at...@foscolo:~$ xhost +local:
non-network local connections being added to access control list
at...@foscolo:~$ su cdatt
Password:
cd...@foscolo:/home/athos$ cd
cd...@foscolo:~$ arora &
[2] 8117
cd...@foscolo:~$ Qt: Session management error: Could not open network socket

cd...@foscolo:~$ ls -al | fgrep local
drwxr-xr-x  3 cdatt cdatt 4096 2010-09-08 00:02 .local
cd...@foscolo:~$ ls -l .local/
total 4
drwxr-xr-x 3 cdatt cdatt 4096 2010-09-08 00:02 share
cd...@foscolo:~$ ls -l .local/share/
total 4
drwxr-xr-x 3 cdatt cdatt 4096 2010-09-08 00:02 data
cd...@foscolo:~$ ls -l .local/share/data/
total 4
drwxr-xr-x 2 cdatt cdatt 4096 2010-09-26 18:48 Arora
cd...@foscolo:~$ ls -l .local/share/data/Arora/
total 28
-rw-r--r-- 1 cdatt cdatt   727 2010-09-26 18:48 cookies.ini
-rw-r--r-- 1 cdatt cdatt    83 2010-09-08 00:02 history
-rw-r--r-- 1 cdatt cdatt 20480 2010-09-26 18:48 WebpageIcons.db

I'm not sure if this could be a generic security problem - obviously not if 
home directories are not 
readable from other users - so I decide to classify it as a normal bug.
You can change, if you want.

Probably this is not an Arora specific problem but a QT or KDE issue.

I know that this is a very unusual way of using a browser but, in my opinion, 
it could be useful.

Thanks in advance.

Athos Toniolo



-- System Information:
Debian Release: 5.0.6
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.26-1-686 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages arora depends on:
ii  libc6                     2.7-18lenny4   GNU C Library: Shared libraries
ii  libgcc1                   1:4.3.2-1.1    GCC support library
ii  libqt4-network            4.4.3-1+lenny1 Qt 4 network module
ii  libqt4-webkit             4.4.3-1+lenny1 Qt 4 WebKit module
ii  libqtcore4                4.4.3-1+lenny1 Qt 4 core module
ii  libqtgui4                 4.4.3-1+lenny1 Qt 4 GUI module
ii  libstdc++6                4.3.2-1.1      The GNU Standard C++ Library v3

arora recommends no packages.

arora suggests no packages.

-- no debconf information








--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org